[PATCH] prevent users from changing their environment
Tony Finch
dot at dotat.at
Fri Jul 26 11:59:32 EST 2002
Ben Lindstrom <mouring at etoh.eviladmin.org> wrote:
>On Thu, 25 Jul 2002, Carson Gaspar wrote:
>>
>> Just try to build a completely statically linked binary under Solaris.
>
>Then it is an OS defect. My point still holds true.
It is a feature -- Solaris has an impressive amount of binary compatibility.
>Of course this all begs to ask.. "Why do you allow them to muck around in
>~/.ssh/ to start with?!" Refer back to the chroot() + sftp/ssh arguments
>that occur ever 3 - 4 months on this list.
In our situation chroot isn't a solution. Users are allowed to upload
and download any files they want -- usually mailboxes, since this is
a mail server, but that implies that we can't restrict things at that
point. Secondly, they are allowed to put things in ~/.ssh so that they
can use public key authentication. The two combined mean that even if
the chroot were initially restricted, it could be exploited and turned
into a warez distribution point etc.
We have been using a patch like this for several years, and since I
think it would be helpful in environments other than ours, and since
I believe in contributing improvements to software that I use, I
thought you -- or your users -- might like to benefit from my work.
Tony.
--
f.a.n.finch <dot at dotat.at> http://dotat.at/
LUNDY FASTNET IRISH SEA SHANNON: WEST OR SOUTHWEST 3 OR 4, OCCASIONALLY 5.
OCCASIONAL DRIZZLE. MODERATE OR GOOD, OCCASIONALLY POOR.
More information about the openssh-unix-dev
mailing list