Lots of thanks to everybody that responded.
1.
Some people said they thought you could turn off that option when
compiling elm.
What it actually lets you turn off is breaking into a shell from elm
itself, which we did turn off,
however when it asked which editor we wanted, we said `vi' and you can
still break into the shell
from vi.
2.
Other people said to use .exrc files:
Try placing a file named .exrc in the home directory of each user with
read-only permissions for them, and the following contents
shell=/bin/false
where /bin/false is a dummy shell or something that tells them that
they can't
get a shell.
(Make sure to specify that exrc=noexrc in the same file,
so that the usre cannot attempt to load another .exrc file to bypass
this).
You may want to remove all write permissions to .exrc so the user can
not
vi the file and remove the line
3.
Other people suggested getting source code for a `vi' clone and
compiling it without the shell option:
You could get a copy of the "vim" ( = Vi IMproved) vi-clone, which
does
all that vi does, and more, and switch off the shell fork option in
the
source-code - I heartily recommend it!
or.
Sure - checkout OSH & its accompaning 'nvi' which has been modified to
specifically stop vi shell-escapes (though do note that this nvi has
some build
'oddities' with curses libraries..).
OSH URL is: http://www.EnGarde.com/~mcn/osh.html
or
The simplist and strongest way I know is to get the source
for vi clone (such as the one that comes with Liux) or vi
itself (from the BSD destribution), rip out the shell escape
code and compile it statically.
or
Another option: compile GNU vi with shell escape capability
removed.
Thanks once again
Marina
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:53 CDT