lshell is a shell coded in Python, that lets you restrict a user's environment to limited sets of commands, choose to enable/disable any command over SSH (e.g. SCP, SFTP, rsync, etc.), log user's commands, implement timing restriction, and more.
GNU General Public License v3.0
437
stars
112
forks
source link
Prevent shell execution tag in command parameters #205
For instance, if I want to allow 'echo', but prevent 'cat', how can I prevent users from doing:
$ echo "$(cat file.txt)"
For info, the 'forbidden' config does not catch command parameters
Thanks a lot for such a nice tool!
Best regards,