From 8f2a63b936ddf781c5b591d76108b11579485f39 Mon Sep 17 00:00:00 2001 From: Joe Rayhawk Date: Sun, 23 Sep 2018 00:19:02 -0700 Subject: pinyshell: use zsh and restrict read builtin Along with rbash careening towards crazytown, rksh has some problematic behavior around HISTFILE creation that forces us to use zsh. We are additionally disabling the "read" builtin for extra safety. Other builtins should maybe also be disabled in the future. --- pinyadmin/bin/pinyshell | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'pinyadmin/bin') diff --git a/pinyadmin/bin/pinyshell b/pinyadmin/bin/pinyshell index 2cfc3cf..9a63b14 100755 --- a/pinyadmin/bin/pinyshell +++ b/pinyadmin/bin/pinyshell @@ -3,4 +3,6 @@ cd /srv/rbin umask 0022 export PATH=/srv/rbin -exec /bin/ksh -r "$@" + +export ZDOTDIR=/usr/share/piny/zdotdir +exec /bin/zsh-static -r "$@" -- cgit v1.2.3