restricted shell

Markus Friedl markus.friedl at informatik.uni-erlangen.de
Mon Apr 30 02:03:04 EST 2001


On Sat, Apr 28, 2001 at 12:44:32PM -0400, Gyepi SAM wrote:
> On Sat, Apr 28, 2001 at 06:24:48PM +0200, Markus Friedl wrote:
> > it's easier if the sftp-server does chroot.
> 
> But then scp would also have to do the same thing if we are allowing both.
> It would seem easier to be to leave sftp-server and scp as they are and
> centralize the chroot and other related local security measures in the
> restricted shell, no?

no :)

if sshd chroots, you need to copy the (static?) sftp-server
to every home-dir. this is no fun on solaris, just
look at the mess ssh-chrootmgr(1) creates.

> > additionally you have to disallow writing of $HOME,
> > restrict sftp to subdirs only. otherwise the user
> > can modify .ssh or .forward...
> 
> I would leave this as an administrator option since I can imagine scenarios
> where both of those actions might be desirable.

yes, but they are usually not aware of this.

-m



More information about the openssh-unix-dev mailing list