ssh-dummy-shell

Chris Adams cmadams at hiwaay.net
Sun Nov 25 04:21:23 EST 2001


Once upon a time, Markus Friedl <markus at openbsd.org> said:
> but chroot $HOME is a bad idea. it has to be chroot $HOME/subdir,
> otherwise the user can edit .ssh and other .-files (.forward, etc).

You could make $HOME owner by someone other than the user.  That would
keep them from creating arbitrary files and/or directories.  They would
only be able to modify files under directories that are created for
them.
-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.



More information about the openssh-unix-dev mailing list