Using /bin/sh to exec subsystems [PATCH]
Patrick Higgins
phiggins at transzap.com
Sat May 26 01:27:34 EST 2001

That's clever. I guess my only reservation about that sort of thing is I
prefer my security-critical code to be peer-reviewed, not something I
cook up myself. That's why I'd like to see the solution be a direct part
of OpenSSH (where I know it will be audited).

Your solution is very flexible, though. Perhaps we could put your script
(or a similar one) in the contrib directory so that everyone can at
least start with a well-written restricted shell, and hope that the
customization process doesn't ruin it?

-Pat

> The way I have set it up is a simple taint-mode enabled perl script, it
> checks for command options, and if it is a permitted program
> (sftp-server) then the server is run (hardcoded path). If we get
> another subsystem, I just add an elsif. If they specify nothing, they
> get a password change prompt (the initial reason for the script).
>
> Andrew Bartlett
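
The restricted shell described in the quoted message, sketched as an added example; it is not Andrew Bartlett's script and not OpenSSH code. The sftp-server and passwd paths and the refusal message are assumptions, and it relies on sshd running the account's login shell as `<shell> -c '<command>'` for subsystems and with no arguments for an interactive login.

```perl
#!/usr/bin/perl -T
# Restricted login shell: set as the account's shell in /etc/passwd.
#   <shell> -c '<command>'   exec request or subsystem
#   <shell>                  interactive login
use strict;
use warnings;

# Assumed install paths (not given in the thread); adjust per system.
# Key: exact command string sshd passes. Value: argv actually executed.
my %ALLOWED = (
    '/usr/libexec/sftp-server' => ['/usr/libexec/sftp-server'],
    # A further subsystem is one more entry here (the "elsif" in the thread).
);
my @FALLBACK = ('/usr/bin/passwd');    # no command given: password change

# Taint mode refuses to exec until the inherited environment is cleaned.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Map the arguments sshd supplied to a fixed argv, or to nothing (refuse).
sub choose_command {
    my @argv = @_;
    return @FALLBACK if @argv == 0;
    return () unless @argv == 2 && $argv[0] eq '-c';
    # Exact string match only: no word splitting, globbing or shell parsing,
    # so "sftp-server; sh" or extra options never match.
    my $target = $ALLOWED{ $argv[1] };
    return $target ? @$target : ();
}

my @cmd = choose_command(@ARGV);
if (!@cmd) {
    print STDERR "This account may only use sftp or change its password.\n";
    exit 1;
}

# The executed argv comes from the constants above, never from client input,
# and list-form exec means no /bin/sh is involved.
exec { $cmd[0] } @cmd or die "exec $cmd[0] failed: $!\n";
```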