If i start a restricted shell with rbash i am able to run programs because PATH is the same as in a normal shell. If i start a restricted shell with bash -r am not able to run any program because PATH is not set. Shouldn't be rbash and bash -r completly the same? My version of bash is: bash-2.05b-r7
In adition, it seems that rbash runs /etc/profile at login!
it seems to me like bash -r enables the restriction *before* running the profile. rbash enables the restriction *after* running the profile. from the bash manpage: "These restrictions are enforced after any startup files are read." I suppose bash -r is 'buggy', though working around is easy (and it might be a feature instead of a bug) :-)
According to the man-page and info-pages they should be the same thing, you're right. Sounds fishy to me so I filed a bug using bashbug
please don't forget to mention we have a patched bash (for rbash!) (/usr/portage/app-shells/bash/files/bash-2.05b-rbash.patch)
does rbash still differently w/out that patch ?
Yup, I've just compiled bash without the patch and it seem to have the same problem. I can't see the purpose of the patch, restricted bash still works...
Thanks for mentioning the patch. I hadn't noticed it previously. Thankfully it's unrelated to the problem reported upstream
bash 3.00 seems to be fixed...
/me thinks rbash is pretty silly substitute for proper access control. One just has to type bash from within the rbash shell to escape it. solar@simple ~ $ rbash solar@simple ~ $ pwd /home/solar solar@simple ~ $ cd / rbash: cd: restricted solar@simple ~ $ bash solar@simple ~ $ cd / solar@simple / $ pwd / solar@simple / $ bash --version GNU bash, version 3.00.0(1)-release (i686-pc-linux-gnu) Copyright (C) 2004 Free Software Foundation, Inc.
regardless, bash-3.x seems to have things fixed