[PATCH] Re: restricted shell
Andrew Bartlett
abartlet at pcug.org.au
Mon Apr 30 23:57:10 EST 2001
Markus Friedl wrote:
>
> On Mon, Apr 30, 2001 at 11:42:08PM +1000, Andrew Bartlett wrote:
> > Also, while we are looking at restricted shells, adding this patch might
> > be worth it (if its not added already, I never got confirmation - and
> > havn't been following OpenSSH as much recently. (Then again, I can't
> > find a record I sent it either...). I'm also not sure how much testing
> > it got.
>
> a similer patch is in openssh-current (i hope).
>
> -m
Actualy, no. Presuming that cvs-web is openssh-current, we still use
/bin/sh to execute the user's sshrc. I allow my users a restricted
shell (taint-mode enabled perl script) that lets them do things like
change their password, so this kind of matters. I also allow them sftp
access.
--
Andrew Bartlett
abartlet at pcug.org.au
More information about the openssh-unix-dev
mailing list