Original mail from the history of WizPort! Posted to: alt.sources,rec.games.mud.admin,comp.unix.questions,comp.unix.wizards ----------- The WizPort ----------- The WizPort is a telnet server with a pseudo-machine and restricted shell. * Huh? * Whats that mean to me? That means that you can have your own 'machine' that you can create accounts for other people on with whatever file access you want. All this can be done from a regular non-root UNIX account. * Why do I want it? The WizPort was originally developed for MUDs. If you are running a mud, it means that you can give your coders UNIX commands like vi, ftp, grep, and so on while maintaining the illusion of the mud filesystem and file security. If you aren't running a mud, it means that you have the ability to give out accounts to people for partial access to your files, without having to give them access to your entire account. You can also set up 'guest' type accounts to enhance internet services or to create new services. Its also a great way for different users to work on the same files for a project. * What can it do? It listens at a telnet port to accept login connections to a shell. The shell has its own root directory and its own set of file securities. It is very configurable. It has its own bin/ directory and its own utilities, including communication between logged in users. Mostly automated installation Lots of documentation And much, much more. * How secure is it? Every since its release in July of 1993, only one security bug has been found, and it was patched before there was any damage. Previous to its release I set up a hack site where I had a number of my hacker friends try to break in, so we could make the wsh airtight. In my opinion, it is more secure than UNIX if set up properly. So take a look at it! * Ok, where can I get it? I've seen it on ftp sites, but they often have out of date information. You can download it through http right here If that doesn't work, you can email me. * Then what? Well, take a look at some of the documentation, such as the file: "wsh/docs/1.WhatIsIt" which gives a mini-demonstration of what the WizPort can do. Also look at some of the other files in docs/ such as the wsh.man man page. If you decide you want to use the package, go ahead and try to install it. Also, if you plan on actually using the package, you need to mail me to let me know you are using it - this is explained in the Copyright agreement. Other than that, you are free to use WizPort at no charge. * Who are you? A really great guy! Well, okay, so I am David Ljung, Project co-ordinator of the WizPort Package. You can reach me at: wizportMail -at- davesource dot com Enjoy!
* Is there a future for WizPort? Not likely, unless my company goes public and I retire early :) I have some ideas for a future WizPort - someone asked me this: Serhat Sakarya
said: > I do think the 'wizshell' could be quite useful as a restricted shell > environment for other applications too. What I would like to see changed > is to catch the system calls directly, instead of having to rely on the > programs themselves to provide the security checks. Well - that depends on how you do it. WizPort 2.0 was going to be a library that did exactly that, and then you would just recompile some shells and editors and whatnot to use with it. Never started it, it wouldn't be too hard to do that. A cooler option is presented with LD_PRELOAD on linux, you can overload your libraries for future execs - that's beyond wild. But it's a little sketchy - you have to make sure people don't undo the LD_PRELOAD in one of their apps. But if you wrote it correctly, then you'd just have to do the LD_PRELOAD, and then use normal shells, normal editors, even compilers if you wanted to. But it would only work on linux systems. I've found some interesting links on people doing stuff like this (using ptrace() and /proc and whatnot): o The Janus Project o Subterfugue o Debian fakeroot o Debian libtricks (new fakeroot and more) o Ufo Project (see the Catcher - uses /proc)