I am hardening a server and attempting to build a layer that restricts a potential hacker, even one with root access to the server, from doing harm.
If a user gains root or user access to the shell via, say, ssh, is there any other way for a user to access system commands other than via the shell commands available to them? Although `cd` is a built-in command and could not be removed easily since the bash shell does that command itself (see https://unix.stackexchange.com/questions/11454/what-is-the-difference-between-a-builtin-command-and-one-that-is-not and https://unix.stackexchange.com/questions/38808/why-is-cd-not-a-program), if `ls` and `ps` were disabled on the server, would an intruder have another way to issue system commands?
Assuming that secure copy (scp) was uninstalled on the system and they could not directly upload a payload to the server via scp, and they only had shell access (not physical access).
EDIT: Another element to this question is: do arbitrary code execution vulnerabilities typically use bash commands? So, would this system hardening procedure do anything to prevent, say, an Apache exploit that gained full root access?