diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2017-12-31 17:41:55 -0200 | 
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2017-12-31 17:41:55 -0200 | 
| commit | 028accfd58fc446cd6b9b8bcc4cbbab1bff7911e (patch) | |
| tree | ad156546cef8b160d31b57e20c8958d4e1284eb9 /kvmx-shell | |
| parent | ba560f275675cdb42499c5b03f2593cde508da9b (diff) | |
| download | kvmx-028accfd58fc446cd6b9b8bcc4cbbab1bff7911e.tar.gz kvmx-028accfd58fc446cd6b9b8bcc4cbbab1bff7911e.tar.bz2 | |
Adds kvmx-restricted-shell
Diffstat (limited to 'kvmx-shell')
| -rwxr-xr-x | kvmx-shell | 10 | 
1 files changed, 10 insertions, 0 deletions
| @@ -22,4 +22,14 @@  DIRNAME="`dirname $0`"  # Dispatch +# +# WARNING: this is not a restricted shell. By using the "config" action +# one can easilly run arbitrary commands. So assume kvmx-shell is just +# a utility wrapper for kvmx and not a complete isolation sollution. +# +# Assume this shell is as safe as giving /bin/bash access to the user. +# +# You might use `kvmx-restricted-shell` instead of use it as an example to +# build a restricted shell by allowing just a small subset of kvmx commands +# like starting/stopping the guest.  $DIRNAME/kvmx shell $USER | 
