After years of reading helpful questions/answers on superuser, today it's my turn. I'm playing around with "lshell", a linux shell written in python (lshell on github) which gives the opportunity to whitelist commands that a user types into the console. After successfull installation, the shell is placed in
/usr/bin/lshell
With the following command
chsh -s /usr/bin/lshell startup
I change the shell to be active for the user called startup. Now the user startup log in and execute the following whitelisted command
./start.sh
which starts a little java application that can itself execute commands on the command line. But now the application can run all available commands without taking care of the whitelist. A simple
which bash
over the java application returns
/bin/bash
as current shell. Is there any possible way to force the user to the whitelist shell? I don't think that this is a problem with lshell. I tried the same procedure with rbash and got the same results.
Thanks in advance!