[PATCH] prevent users from changing their environment
Markus Friedl
markus at openbsd.org
Mon Jul 29 04:34:25 EST 2002
On Sat, Jul 27, 2002 at 12:53:42PM +1000, Darren Tucker wrote:
> Markus Friedl wrote:
> > hm, sshd already suffers from far to many options.
> > is making $HOME/.ssh unwriteable not an option?
>
> You'd have to make sure $HOME isn't writeable either, otherwise the the
> users could just rename .ssh and create a new one.
yes, for restricted users $HOME must not be writeable.
More information about the openssh-unix-dev
mailing list