ghantoos / lshell

lshell is a shell coded in Python, that lets you restrict a user's environment to limited sets of commands, choose to enable/disable any command over SSH (e.g. SCP, SFTP, rsync, etc.), log user's commands, implement timing restriction, and more.
GNU General Public License v3.0

user can change their shell #101

Closed suker413 closed 9 years ago

suker413 commented 9 years ago

lshell is a very good project, I like it!!

I have a problem: if a user modifies a command and adds another command to it, for example:

```
cat /home/bar/test
#!/bin/bash
echo "hello bar"
```

modified like this:

```
cat /home/bar/test
#!/bin/bash
echo "hello bar"
/bin/bash
```

When I run test in lshell, it will change my shell; logging and commands are all invalid.

thanks!!

ghantoos commented 9 years ago

Unfortunately, it is still not possible to prevent a command from launching another shell. The administrator should only give access to commands that are known as "secure". For example, rvim instead of vim, not giving access to chmod, etc.

ghantoos commented 9 years ago

I have just re-tested: unless you give the user the right to execute this script, he should be unable to do so.

```
You are in a limited shell.
Type '?' or 'help' to get the list of allowed commands
ghantoos3:~$ ./bin/sh-test
*** forbidden command: ./bin/sh-test
```
suker413 commented 9 years ago

Hi ghantoos, for example:

```
liangsh@dev2:~$ ?
clear exit help history lpath lsudo tttt vi
```

```
root@dev2:/home/liangsh# cat tttt
#!/bin/bash
echo "change shell to bash"
```

```
liangsh@dev2:~$ w
*** forbidden command: w
```

When tttt is modified like this:

```
liangsh@dev2:~$ vi tttt
liangsh@dev2:/home/liangsh# cat tttt
#!/bin/bash
echo "change shell to bash"
/bin/bash
```

```
liangsh@dev2:~$ tttt
change shell to bash
liangsh@dev2:~$ w
 11:51:23 up 24 min,  3 users,  load average: 0.00, 0.01, 0.02
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    172.16.201.1     11:27    3:47   0.12s  0.12s -bash
liangsh  pts/1    172.16.201.1     11:43    3.00s  0.04s  0.00s w
root     pts/2    172.16.201.1     11:35   11:15   0.08s  0.08s -bash
```

ghantoos commented 9 years ago

In order to have this working, the user must have write access to executable scripts, in which case lshell cannot prevent them from adding content and escaping from the shell. It is the administrator's responsibility to manage this scenario.

There is a solution, using something like noexec (http://noexec.sourceforge.net/), in order to catch escapes, but I'm not sure I want to add this layer of complexity. Unless someone is willing to code it in python? :)

Also, if using vi, you can directly launch a bash session from inside vi. I recommend using rvim combined with lshell.
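As an added check for administrators (example code, not part of lshell or of this thread), the audit below walks an lshell `allowed` list, resolves each command in the configured path directories, and flags any whose executable, or the directory holding it, the restricted user can write, which is exactly the condition described above. The command list, the path directory and the `tttt` script are constructed from this issue; the uid/group logic is a plain mode-bit check and does not model ACLs.

```python
import os
import shutil
import stat
import tempfile

def user_can_write(st, uid, gids):
    """Owner/group/other write check; ignores root's override and ACLs."""
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)

def resolve(command, path_dirs):
    """Locate the executable an allowed command name maps to in the configured path."""
    for d in path_dirs:
        candidate = os.path.join(d, command)
        if os.path.isfile(candidate) and os.stat(candidate).st_mode & 0o111:
            return candidate
    return None  # lshell builtin (history, lpath, ...) or absent: nothing on disk to audit

def audit(allowed, uid, gids, path_dirs):
    """Return {command: (path, reason)} for allowed commands the user could rewrite:
    'file' if the script itself is writable, 'dir' if it can be replaced in place."""
    findings = {}
    for cmd in allowed:
        target = resolve(cmd, path_dirs)
        if target is None:
            continue
        if user_can_write(os.stat(target), uid, gids):
            findings[cmd] = (target, "file")
        elif user_can_write(os.stat(os.path.dirname(target)), uid, gids):
            findings[cmd] = (target, "dir")
    return findings

def demo():
    """Constructed scenario from the issue: the allowed script 'tttt' lives in the user's own dir."""
    workdir = tempfile.mkdtemp()
    script = os.path.join(workdir, "tttt")
    with open(script, "w") as fh:
        fh.write('#!/bin/bash\necho "change shell to bash"\n')  # constructed sample
    os.chmod(script, 0o755)
    uid, gids = os.getuid(), {os.getgid()}
    before = audit(["clear", "history", "tttt"], uid, gids, [workdir])
    os.chmod(script, 0o555)   # read-only script ...
    os.chmod(workdir, 0o555)  # ... in a directory the user cannot write either
    after = audit(["clear", "history", "tttt"], uid, gids, [workdir])
    os.chmod(workdir, 0o755)
    shutil.rmtree(workdir)
    return before, after
```

Run `audit()` against the real `allowed` and `path` values from lshell.conf for each restricted account; any non-empty result is a script that account can turn into a shell escape.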