Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!decvax!tektronix!hplabs!sri-unix!did@UCLA-LOCUS.ARPA
From: did@UCLA-LOCUS.ARPA
Newsgroups: net.unix-wizards
Subject: Re: Is the restricted shell really secure?
Message-ID: <754@sri-arpa.UUCP>
Date: Sun, 5-Aug-84 00:36:33 EDT
Article-I.D.: sri-arpa.754
Posted: Sun Aug  5 00:36:33 1984
Date-Received: Mon, 6-Aug-84 05:46:07 EDT
Lines: 17

From:            "David I. Dalva" 


	You should be able to keep a restricted account from wandering afield
	home directory for the restricted account "foo" be "/mnt/locked/foo"
	[...] where "/mnt/locked" is owned by root and is mode 700.

Sorry, "cd /" gets you out into the free world.  You'd have to take cd
(and chdir) out of the shell (but a C program which did a chdir(2) call
and a fork would simulate *that* :-( ).

...and there's also the problem of not being able to access your home
directory at login time.

Dave
Arpa: did@UCLA-LOCUS.ARPA
UUCP: {ihnp4 | randvax | sdcrdcf | trwspp | ucbvax}!ucla-cs!did