home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.20041116-20060924
/
000296_scottac@nb.sympatico.ca_Thu Mar 30 13:17:21 2006.msg
< prev
next >
Wrap
Internet Message Format
|
2020-01-01
|
2KB
Path: newsmaster.cc.columbia.edu!panix!newsfeed.media.kyoto-u.ac.jp!border2.nntp.dca.giganews.com!nntp.giganews.com!novia!nf3.bellglobal.com!ursa-nb00s0.nbnet.nb.ca!53ab2750!not-for-mail
From: "Scott Caissie" <scottac@nb.sympatico.ca>
Newsgroups: comp.protocols.kermit.misc
References: <1143670171.731135.259530@v46g2000cwv.googlegroups.com>
Subject: Re: "Restrictive" mode for kermit?
Lines: 37
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-RFC2646: Format=Flowed; Original
Message-ID: <ARMWf.51854$VV4.876177@ursa-nb00s0.nbnet.nb.ca>
Date: Thu, 30 Mar 2006 08:42:08 GMT
NNTP-Posting-Host: 156.34.27.126
X-Complaints-To: abuse@aliant.net
X-Trace: ursa-nb00s0.nbnet.nb.ca 1143708128 156.34.27.126 (Thu, 30 Mar 2006 04:42:08 AST)
NNTP-Posting-Date: Thu, 30 Mar 2006 04:42:08 AST
Organization: Aliant Internet
Xref: newsmaster.cc.columbia.edu comp.protocols.kermit.misc:15553
If I understand correctly, this should work:
SET TERMINAL ESCAPE-CHARACTER DISABLE (or DISABLED, I forget).
Prevents the user from attempting to manually go back to the prompt while in
CONNECT mode.
<moxiefreak@gmail.com> wrote in message
news:1143670171.731135.259530@v46g2000cwv.googlegroups.com...
> Hello,
>
> I'm attempting to architect a solution that provides a convenient
> "front end" for dialing into remote sites via dialup. In doing this, I
> plan on writing a kermit script that takes care of dealing with the
> specifics of connecting to the remote sites, including providing
> passwords.
>
> Ideally, I'd like to have the users execute the kermit script using
> something like sudo so that they do not have access to the contents of
> the kermit script, which will contain passwords. This works, except
> for the fact that once the user is let loose on the remote site (the
> script hits the CONNECT command), he or she may escape to a command
> prompt and subsequently execute shell commands, one of which could
> "cat" the script and reveal the passwords.
>
> Is there any way to execute kermit in a "restricted" mode, where once
> it is placed in a CONNECTed mode, there's nowhere to go except exiting?
> I know that this is not exactly a foolproof solution, but since other
> controls (e.g. external logging) will be in place, the goal is to only
> make it "rather difficult" rather than "impossible".
>
> Thank you,
> Steve
>