scp -t . - possible idea for additional parameter

Jefferson Ogata Jefferson.Ogata at noaa.gov
Thu Oct 11 04:07:49 EST 2007


On 10/10/07 16:30, Larry Becke wrote:
>> 1. Why do you think this change provides effective security?
>
> Specifying the starting directory, and not allowing the user to navigate above it effectively locks the user within that directory.

Yes, and...? What does that accomplish in terms of security,
specifically? I.e. what is the specific threat you are trying to protect
against?

> chroot'ing should not be used as a security method, that's been clearly stated time and again.

chroot *can* be used as a security method, if done correctly, just as
virtualization *can* be used, along with any other mechanism that
effectively confines the domain of a process's activity, preferably at
the kernel level where there are fewer paths for circumvention.

Combine chroot with segregated filesystems mounted with combinations of
ro, nosuid, noexec, nodev and you can have very effective limits on user
activity.

-- 
Jefferson Ogata <Jefferson.Ogata at noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at noaa.gov>
"Never try to retrieve anything from a bear."--National Park Service
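
The mount-option combination described in the message above can be audited with a short script. This is an added example, not part of the original post or of OpenSSH: the function name `missing_opts`, the sample paths and the sample mount table are all constructed, and it assumes `/proc/mounts`-format input with no escaped spaces in mount points.

```shell
#!/bin/sh
# Report which hardening mount options are missing on the filesystem that
# holds a chroot directory. Illustrative helper; names are hypothetical.

# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sdb1 /srv/chroot ext4 rw,nosuid,nodev,noexec,relatime 0 0
/dev/sdb2 /srv/chroot/pub ext4 ro,nosuid,nodev,relatime 0 0
/dev/sdc1 /srv/chroot2 ext4 rw,nosuid,nodev,noexec 0 0'

# missing_opts PATH REQUIRED_CSV [MOUNTS_TEXT]
# Prints the required options absent from the mount containing PATH
# (longest mount-point prefix wins). Prints nothing if all are present.
missing_opts() {
    path=$1
    required=$2
    mounts=${3-$(cat /proc/mounts)}
    printf '%s\n' "$mounts" | awk -v p="$path" -v req="$required" '
        BEGIN { best_len = 0 }
        {
            mp = $2
            # mp contains p if it is "/", equals p, or p continues with "/"
            # right after it (so /srv/chroot does not match /srv/chroot2).
            if (mp == "/" || p == mp || index(p, mp "/") == 1) {
                # ">=" lets a later mount stacked on the same point win.
                if (length(mp) >= best_len) { best_len = length(mp); opts = $4 }
            }
        }
        END {
            if (best_len == 0) { print "no-mount-found"; exit 2 }
            n = split(opts, have, ",")
            for (i = 1; i <= n; i++) set[have[i]] = 1
            m = split(req, want, ",")
            out = ""
            for (i = 1; i <= m; i++)
                if (!(want[i] in set)) out = out (out == "" ? "" : ",") want[i]
            print out
        }'
}

# Read-only upload area under the chroot: flags the missing noexec.
missing_opts /srv/chroot/pub/file ro,nosuid,nodev,noexec "$SAMPLE_MOUNTS"
```

Omitting the third argument makes the function read the live `/proc/mounts` instead of the sample table.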


More information about the openssh-unix-dev mailing list