[PATCH] Re: restricted shell

Andrew Bartlett abartlet at pcug.org.au
Mon Apr 30 23:57:10 EST 2001


Markus Friedl wrote:
> 
> On Mon, Apr 30, 2001 at 11:42:08PM +1000, Andrew Bartlett wrote:
> > Also, while we are looking at restricted shells, adding this patch might
> > be worth it (if its not added already, I never got confirmation - and
> > havn't been following OpenSSH as much recently.  (Then again, I can't
> > find a record I sent it either...).  I'm also not sure how much testing
> > it got.
> 
> a similer patch is in openssh-current (i hope).
> 
> -m

Actualy, no.  Presuming that cvs-web is openssh-current, we still use
/bin/sh to execute the user's sshrc.  I allow my users a restricted
shell (taint-mode enabled perl script) that lets them do things like
change their password, so this kind of matters.  I also allow them sftp
access.

-- 
Andrew Bartlett
abartlet at pcug.org.au



More information about the openssh-unix-dev mailing list