scp not tolerant of extraneous shell messages
Ben Lindstrom
mouring at etoh.eviladmin.org
Wed Jul 3 03:52:51 EST 2002
[..]
> Incidentally, if you don't believe my conclusion about SFTP, I offer you
> the following thought experiment: Would you rather give me access to an
> account through wu-ftpd or sftp?
>
> There are issues, incidentally, with making it easier to define sets of
> users that are allowed to sftp in and others that can sftp and ssh in.
> Maybe we can do something interesting with AllowGroups.
>
sftp. Because the sftp setup I use forces the user to be chroot() into
their ~/WWW directory so they can not modify their ~/.ssh nor any dot
files within ~/. Removing executing their shell gains you nothing if you
still let them play in the ~/.ssh/ section.
I'm really interested in why you allow users to modify your login files
for your personal account.=)
- Ben
More information about the openssh-unix-dev
mailing list