[PATCH] Re: restricted shell
Markus Friedl
markus.friedl at informatik.uni-erlangen.de
Tue May 1 02:50:26 EST 2001
On Tue, May 01, 2001 at 12:23:38AM +1000, Andrew Bartlett wrote:
> Markus Friedl wrote:
> >
> > > Actualy, no. Presuming that cvs-web is openssh-current, we still use
> > > /bin/sh to execute the user's sshrc. I allow my users a restricted
> > > shell (taint-mode enabled perl script) that lets them do things like
> > > change their password, so this kind of matters. I also allow them sftp
> > > access.
> >
> > yes, i remember. i'm not sure what to do.
> >
> > executing the LOGIN shell for .ssh/sshrc will break
> > old installations...
>
> But you could chain: login-shell -> /bin/sh/ -> sshrc could you not?
oh yes, thanks. this will be probably in post-2.9
-m
More information about the openssh-unix-dev
mailing list