ssh-dummy-shell

mouring at etoh.eviladmin.org mouring at etoh.eviladmin.org
Tue Nov 27 05:37:32 EST 2001



On Mon, 26 Nov 2001, Dan Astoorian wrote:

> On Sat, 24 Nov 2001 06:42:52 EST, Markus Friedl writes:
> > >
> > > One must be careful: if $HOME/.ssh is writable or can be made so,
> > > $HOME/.ssh/environment is an attack vector.
> >
> > yes, i metioned this before.
>
> If I were to submit a simple patch for sftp-server that would cause it
> to exit with an error if get_progname(pw->pw_shell) matched
> get_progname(argv[0]) AND either pw->pw_dir or (pw->pw_dir)/.ssh was
> writable by the user, would such a patch be likely to be accepted?
>
Doubtfully.

I'm in favour (and once I move into my house it is high on my priority
list since I need the functonality) of supporting:

subsystem sftp /path/to/sftp-server -c %{HOME_OF_USER}/subdir/

- Ben




More information about the openssh-unix-dev mailing list