Use case:

I would like to host a console application I built on an EC2 instance on AWS and give very strictly limited access to the people who will connect to it:

  • They must not be able to access the shell or execute any command on the machine
  • They must not be able to use port forwarding
  • They must not be able to copy or read anything from that machine, especially not environment variables
  • They are only allowed to use that console application

My solution:

  1. Create a user:
    • I replace its shell with the console application so the user can only access that and nothing else
  2. Disable port forwarding

I'm not sure if that would be enough to secure the machine. That's why I'm asking here for some advice or confirmation that this will work and will be 100% secure.

Cecile
  • For Securing AWS you can use IAM Roles. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UsingIAM.html For Securing Linux Machine: https://stackoverflow.com/questions/21498667/how-to-limit-user-commands-in-linux – somsgod Jul 17 '19 at 12:16
  • Does the application shell have the ability to quit or execute a bash command or a built-in command like 'export' or 'enable'? – Igor Servulo Jul 17 '19 at 13:48
  • @somsgod they actually don't need bash at all but thanks it might be useful (I know replacing the shell of a user can be very problematic) – Cecile Jul 17 '19 at 14:18
  • @IgorServulo no, the console application will run no sub command at all. I also plan to compile it as a static binary – Cecile Jul 17 '19 at 14:20
  • If you manage to block all built-in commands from the application console, and inside the application console you've restricted the actions (rwx) inside the server, replacing the shell is enough. – Igor Servulo Jul 17 '19 at 14:28
  • Thanks a lot for the answer :) – Cecile Jul 17 '19 at 15:25
  • @IgorServulo do you mind making a proper StackOverflow answer so I can validate it? – Cecile Jul 26 '19 at 04:36
  • @Cecile I'll do it today! – Igor Servulo Jul 28 '19 at 18:27

1 Answer

As we discussed in the comment section of your question:

  • If you manage to replace the shell of the user with your application console and guarantee that it's not possible to run bash commands or terminal built-in functions (like export, enable, disable), and make sure that your application console has the right permissions (rwx) to interact with only the files and paths that your application needs to interact with, then you should be fine.
Igor Servulo
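
A check for the two measures discussed on this page (login shell replaced by the application, forwarding disabled), as an added example that is not part of the original question or answer. It goes beyond the port forwarding mentioned by also checking agent, X11, stream-local and tunnel forwarding; the user name `consoleuser` and the path `/usr/local/bin/console-app` are hypothetical, and the sample inputs are constructed.

```shell
#!/bin/sh
# Added example (not from the original post). Audits one restricted account.
#   $1    = passwd(5) entry, e.g. from: getent passwd consoleuser
#   $2    = expected path of the console application (hypothetical)
#   stdin = effective sshd settings, e.g. from: sshd -T -C user=consoleuser
# Prints the findings; returns 0 only when there are none.
audit_restricted_user() {
    passwd_line=$1
    app_path=$2
    findings=""
    # Field 7 of a passwd entry is the login shell.
    shell=$(printf '%s\n' "$passwd_line" | cut -d: -f7)
    [ "$shell" = "$app_path" ] || findings="${findings}shell=$shell "
    settings=$(cat)
    # sshd -T prints lowercase keywords; every forwarding channel must be "no".
    for key in allowtcpforwarding allowstreamlocalforwarding \
               allowagentforwarding x11forwarding permittunnel; do
        value=$(printf '%s\n' "$settings" |
                awk -v k="$key" '$1 == k { print $2; exit }')
        [ "$value" = "no" ] || findings="${findings}${key}=${value:-unset} "
    done
    [ -z "$findings" ] && return 0
    printf '%s\n' "${findings% }"
    return 1
}

# Constructed sample input: shell replaced, but TCP forwarding still enabled.
SAMPLE_PASSWD='consoleuser:x:1001:1001::/home/consoleuser:/usr/local/bin/console-app'
SAMPLE_SSHD_T='allowtcpforwarding yes
allowstreamlocalforwarding no
allowagentforwarding no
x11forwarding no
permittunnel no'

if printf '%s\n' "$SAMPLE_SSHD_T" |
        audit_restricted_user "$SAMPLE_PASSWD" /usr/local/bin/console-app; then
    echo "account is restricted as intended"
else
    echo "findings listed above need fixing"
fi
```

A setting that is absent from the input is reported as `unset` rather than assumed safe.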