[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: chroot ssh users

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: chroot ssh users
From: Chuck Yerkes <chuck+obsd_(_at_)_2003_(_dot_)_snew_(_dot_)_com>
Date: Mon, 20 Jan 2003 12:36:24 -0500
Mail-followup-to: Chuck Yerkes <chuck+obsd_(_at_)_2003_(_dot_)_snew_(_dot_)_com>, misc_(_at_)_openbsd_(_dot_)_org
Reply-to: misc_(_at_)_openbsd_(_dot_)_org

That administration of it is near impossible, complexity is radically
increased, and mistakes are much more likely on the administrators'
part.  If you want to restrict as user, give the user a restricted
shell.

Quoting Telent (telent_(_at_)_mordac_(_dot_)_info):
> > > /usr/bin/sudo /usr/sbin/chroot $HOME /bin/csh
> > 
> > chroot to a directory owned by the user is dangerous.
> 
> Yes, it is, but no more dangerous than giving them any writable area at
> all to upload binaries... or am I missing something, and it is?

Prev by Date: mod_auth_ldap
Next by Date: the openbechede project
Previous by thread: Re: chroot ssh users
Next by thread: Re: chroot ssh users
Index(es):
- Date
- Thread

Visit your host, monkey.org