email apps as user shells (disable port forwarding in OpenSSH) -- sorry
Alexey Koptsevich
alex at astro.su.se
Tue Sep 25 23:46:12 EST 2001
Hello,
I am very sorry that disturbed you. Unfortunately, I have not found -users
list at http://www.openssh.org/list.html, only -announce and -dev, that's
why I wrote to -dev. I beg your pardon.
Alex
On 2001-09-20 12:22:19, Peter W wrote:
> > > Thanks! But if no shell -- no ability, right?
> >
> > I'm not sure I understand. The user has to have some "shell" that can be
> > invoked as "<shell> -c pine" and do the right thing. If you don't disable
> > suspend in the pine.conf.fixed, then pine will either fork a new instance
> > of <shell> (which is safe if <shell> is a restricted shell which just
> > exits when invoked without "-c pine") or else it will try to detach from
> > the restricted shell, which won't work right.
>
> OK, but if I set /usr/local/bin/pine (or /usr/local/bin/mutt) as a shell
> in the /etc/passwd and do not copy any shell to the chroot-ed directory at
> all -- there is no ability to run it, that's what I meant.
1) isn't this outside the scope of the OpenSSH *development* list?
2) this can be easily and quickly tested, right?
3) [despite 1)]: email apps are powerful things, especially because
they tend to include file browsers and full text editors
4) see 1): at the very least, I think this should be on a -users list,
unless you see current behavior of OpenSSH that you wish to modify
via source code changes
-Peter
More information about the openssh-unix-dev
mailing list