home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.unix.admin
- Path: sparky!uunet!charon.amdahl.com!pacbell.com!decwrl!elroy.jpl.nasa.gov!sdd.hp.com!news.cs.indiana.edu!nstn.ns.ca!cs.dal.ca!silvert
- From: silvert@cs.dal.ca (Bill Silvert)
- Subject: Re: Limited telnet program?
- Message-ID: <Bx9tvG.ArI@cs.dal.ca>
- Sender: usenet@cs.dal.ca (USENET News)
- Nntp-Posting-Host: cs.cs.dal.ca
- Reply-To: silvert@biome.bio.ns.ca (Bill Silvert)
- Organization: Math, Stats & CS, Dalhousie University, Halifax, NS, Canada
- References: <Bx9MK3.4nL@techbook.com>
- Distribution: na
- Date: Fri, 6 Nov 1992 01:38:03 GMT
- Lines: 23
-
- In <Bx9MK3.4nL@techbook.com> jamesd@techbook.com (James Deibele) writes:
-
- >I would like to set up a limited telnet program for people to use.
- >Specifically, I'd like to provide local librarians a way of telneting to
- >selected online library catalogs via a menu. If the telnet to that site
- >fails, I would want the telnet program to exit with an error level,
- >which I could then catch with a shell or program. I don't want people
- >who use this account to be able to exit to a shell from within telnet,
- >and I don't want them to be able to telnet elsewhere.
-
- Instead of hacking telnet, why not just restrict the account they log in to?
- I've set up accounts which run programs as shells. For example, if you
- decide to use gopher as the menu program, write a program (I can provide
- an example) which sets the TERM=vt100 and SHELL=/dev/null environment
- variables and then runs gopher.
-
- As for restricting where they telnet, you can always write a program
- that uses a system call to run telnet, but you will have to make sure
- that telnet is not available to them directly. Perhaps with chroot?
- --
- William Silvert, Habitat Ecology Division, Bedford Inst. of Oceanography
- P. O. Box 1006, Dartmouth, Nova Scotia, CANADA B2Y 4A2. Tel. (902)426-1577
- InterNet Address: silvert@biome.bio.ns.ca
-
