home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.20041116-20060924
/
000300_moxiefreak@gmail.com_Fri Mar 31 10:12:18 2006.msg
< prev
next >
Wrap
Internet Message Format
|
2020-01-01
|
2KB
Path: newsmaster.cc.columbia.edu!panix!newsfeed-00.mathworks.com!newsfeed2.dallas1.level3.net!news.level3.com!postnews.google.com!v46g2000cwv.googlegroups.com!not-for-mail
From: moxiefreak@gmail.com
Newsgroups: comp.protocols.kermit.misc
Subject: "Restrictive" mode for kermit?
Date: 29 Mar 2006 14:09:31 -0800
Organization: http://groups.google.com
Lines: 25
Message-ID: <1143670171.731135.259530@v46g2000cwv.googlegroups.com>
NNTP-Posting-Host: 66.151.231.11
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
X-Trace: posting.google.com 1143670176 12103 127.0.0.1 (29 Mar 2006 22:09:36 GMT)
X-Complaints-To: groups-abuse@google.com
NNTP-Posting-Date: Wed, 29 Mar 2006 22:09:36 +0000 (UTC)
User-Agent: G2/0.2
X-HTTP-UserAgent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.12) Gecko/20051122 Firefox/1.0.7,gzip(gfe),gzip(gfe)
Complaints-To: groups-abuse@google.com
Injection-Info: v46g2000cwv.googlegroups.com; posting-host=66.151.231.11;
posting-account=tDDf3A0AAACrWmHQUWoUPMlp2AjAKdnf
Xref: newsmaster.cc.columbia.edu comp.protocols.kermit.misc:15558
Hello,
I'm attempting to architect a solution that provides a convenient
"front end" for dialing into remote sites via dialup. In doing this, I
plan on writing a kermit script that takes care of dealing with the
specifics of connecting to the remote sites, including providing
passwords.
Ideally, I'd like to have the users execute the kermit script using
something like sudo so that they do not have access to the contents of
the kermit script, which will contain passwords. This works, except
for the fact that once the user is let loose on the remote site (the
script hits the CONNECT command), he or she may escape to a command
prompt and subsequently execute shell commands, one of which could
"cat" the script and reveal the passwords.
Is there any way to execute kermit in a "restricted" mode, where once
it is placed in a CONNECTed mode, there's nowhere to go except exiting?
I know that this is not exactly a foolproof solution, but since other
controls (e.g. external logging) will be in place, the goal is to only
make it "rather difficult" rather than "impossible".
Thank you,
Steve