[PATCH] prevent users from changing their environment

Markus Friedl markus at openbsd.org
Mon Jul 29 04:34:25 EST 2002


On Sat, Jul 27, 2002 at 12:53:42PM +1000, Darren Tucker wrote:
> Markus Friedl wrote:
> > hm, sshd already suffers from far to many options.
> > is making $HOME/.ssh unwriteable not an option?
> 
> You'd have to make sure $HOME isn't writeable either, otherwise the the
> users could just rename .ssh and create a new one.

yes, for restricted users $HOME must not be writeable.



More information about the openssh-unix-dev mailing list