chrooting/jailing transfer-only accounts

Ben Lindstrom mouring at
Tue May 28 06:22:53 EST 2002

On Mon, 27 May 2002, Dan Astoorian wrote:

> On Mon, 27 May 2002 10:34:33 EDT, I wrote:
> >
> > Note: the above is completely untested!  [...]
> fact, it wasn't even _proofread_.  :-(
> Now that I've had my morning coffee, this is a little closer to what I
> had in mind.  It's still not well-tested, but it's not quite as
> spectacularly wrong.
> #define JAIL "/path/to/jail"
> #define SHELL "/bin/sh"
> int main(int argc, char **argv) {
>     if (chroot(JAIL) != 0) {
>         perror("chroot");
>     } else if (chdir("/") != 0) {
>         perror("chdir");
	^^ Won't one want to consider dropping root before this?  Less
code that is ran by root the better.

The only thing that should be considered is how to correctly pull the
user's home directory.  One should ponder if that code should be ran as a
non-root user.

As for argument processing with getopt()  that is a no brainner.  You
handle all getopt() just before you spawn the shell.  Thus any issue
should be less tramatic.

- Ben

More information about the openssh-unix-dev mailing list