Using /bin/sh to exec subsystems [PATCH]
Jason Stone
jason at shalott.net
Fri May 25 08:36:21 EST 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Using sftp-server as a login shell works fine for sftp, but it's
> causing some problems with other services. There really needs to be a
> cleaner way to restrict access to specific subsystems.

A similar problem that I've run into is when I want to allow limited
access with keys (e.g., I want a user to be able to only run one command, or
to only be able to port forward, etc). In order for the command-squashed
command to be run, the user has to have a valid shell. Unfortunately, a
valid shell usually implies to the rest of the system that the user is
allowed to have shell access. So now I have to worry about the other
services on the machine doing the right thing and denying access, even
though the user has a valid shell.

So in both cases (subsystems, command-squashed commands), why not have
sshd fork and exec the command directly? Why go through the shell at all?

-Jason
---------------------------
If the Revolution comes to grief, it will be because you and those you
lead have become alarmed at your own brutality. --John Gardner
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg
iD8DBQE7DYzoswXMWWtptckRAs7vAJ9un6qDcn4WGcWXVigf3WgEoDgcQwCgtVIn
No2kmtFrJPGvqQ7n0ROTn60=
=OGDG
-----END PGP SIGNATURE-----
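
The dependency discussed in the message above, as an added example that is not part of the original post and is not OpenSSH code: running a command string as "shell -c command" fails when the account's shell is unusable, while a direct fork and exec of the program does not consult the shell at all. The function names and the path /nonexistent/noshell are assumptions made for the illustration.

```c
/* Added example: "shell -c command" versus a direct fork + exec. */
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fork, exec path with argv, return the child's exit status (-1 on error). */
static int spawn(const char *path, char *const argv[])
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        execv(path, argv);
        _exit(127);             /* exec failed: same convention as sh */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* What the post describes: the command string goes to the account's shell. */
int run_via_shell(const char *shell, const char *command)
{
    char *const argv[] = { (char *)shell, "-c", (char *)command, NULL };
    return spawn(shell, argv);
}

/* What the post proposes: exec the program itself, no shell involved.
   The caller must supply a ready-made argv; no shell syntax is parsed. */
int run_direct(char *const argv[])
{
    return spawn(argv[0], argv);
}

int main(void)
{
    char *const cmd[] = { "/bin/echo", "forced command ran", NULL };
    const char *line = "/bin/echo forced command ran";

    /* "/nonexistent/noshell" is a constructed stand-in for an account
       whose shell field does not name a usable shell. */
    printf("via /bin/sh:       %d\n", run_via_shell("/bin/sh", line));
    printf("via invalid shell: %d\n", run_via_shell("/nonexistent/noshell", line));
    printf("direct exec:       %d\n", run_direct(cmd));
    return 0;
}
```

The direct path trades the shell dependency for a stricter interface: the configured command has to be split into an argument vector up front, so pipes, redirections and variable expansion in the command string are no longer available.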
More information about the openssh-unix-dev mailing list