I'm running a Linux system that starts a custom text mode application from the .bashrc. The users are getting disconnected due to network dropouts.
I had the idea that I'd use screen to allow them to get back to the prior session, but I like to make sure that they can't open a subshell that allows access to the UNIX command line (or for that matter, another login).
I've modified .screenrc with the following: bind c bind ^c
To prevent the Control-A Control-C command from working. Are are any other security issues that I need to be a where of here?
You'll have to prevent users from doing
C-a : shell
as well, and probably many other commands. Look into screen acl commands. Start withaclchg $USER -x ?
and enable the commands you see fit.