restricted shell

Gyepi SAM gyepi at praxis-sw.com
Sat Apr 28 23:26:19 EST 2001


Hello,

I would like to elicit a discussion about the merits of a statically linked
restricted chrooting shell like scponly which incorporates the functionality of scp
and sftp.  The benefit is that a chrooted user directory does not have to
contain the binaries or libraries for scp and sftp and an administrator does not have to
play games with the home path to chroot a user. The disadvantage, of course,
is that any other functionality like 'ls' would also have to be compiled
into the shell.

I am thinking that the easiest way to add scp and sftp is to build them as
libraries which can be linked to the shell. This requires that the code in
main() be moved into another function which can then be called by
bin_main(), which would be used for the binary and called from main(),
and scp_main() and sftp_main() which would be called by the shell.

The archive appears to show that this kind of functionality has been desired
for some time.

-Gyepi Sam

-- 
Write it on your heart that every day is the best day in the year.
No man has learned anything rightly, until he knows that every day is Doomsday.
	--Ralph Waldo Emerson
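The dispatch core of the shell proposed above, as an added example that is not part of the original post and is not code from OpenSSH or scponly. It assumes sshd starts the login shell as `shell -c "<command>"`; the names scp_main() and sftp_main() come from the post, but their bodies here are placeholders for the library entry points, and the table names, restricted_dispatch() and the rejected-character set are hypothetical. The chroot step is left out.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ARGS 32
typedef int (*builtin_fn)(int argc, char **argv);

/* Placeholders for the linked-in library entry points (the former main()
 * of each tool). They return a value derived from argc so that the
 * dispatch decision is observable. */
static int scp_main(int argc, char **argv)  { (void)argv; return argc; }
static int sftp_main(int argc, char **argv) { (void)argv; return 100 + argc; }

/* Allow-list: the only commands this shell will ever run (assumed names). */
static const struct { const char *name; builtin_fn fn; } builtins[] = {
    { "scp", scp_main },
    { "sftp-server", sftp_main },
};

/* Split on blanks in place. No quoting, globbing or expansion is done. */
static int split_args(char *cmd, char **argv) {
    int argc = 0;
    for (char *tok = strtok(cmd, " \t"); tok; tok = strtok(NULL, " \t")) {
        if (argc == MAX_ARGS) return -1;
        argv[argc++] = tok;
    }
    argv[argc] = NULL;
    return argc;
}

/* Run the "-c" command string as a built-in; -1 means refused. */
int restricted_dispatch(const char *command) {
    char buf[1024], *argv[MAX_ARGS + 1];
    if (command == NULL || strlen(command) >= sizeof buf) return -1;
    strcpy(buf, command);
    /* Refuse shell metacharacters instead of trying to interpret them. */
    if (strpbrk(buf, ";&|<>`$(){}\\\"'\n") != NULL) return -1;
    int argc = split_args(buf, argv);
    if (argc < 1) return -1;
    for (size_t i = 0; i < sizeof builtins / sizeof builtins[0]; i++)
        if (strcmp(argv[0], builtins[i].name) == 0)
            return builtins[i].fn(argc, argv);
    return -1; /* anything not compiled in, 'ls' included, is refused */
}

int main(int argc, char **argv) {
    if (argc != 3 || strcmp(argv[1], "-c") != 0) return 1; /* no interactive use */
    return restricted_dispatch(argv[2]) < 0 ? 1 : 0;
}
```

Because nothing is ever passed to exec or to a real shell, the chroot needs no binaries or libraries, which is the benefit the post describes; the cost is that quoted file names are refused by this conservative parser.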



More information about the openssh-unix-dev mailing list