Privilege Separation Design Question

Cal Leeming [Simplicity Media Ltd] cal.leeming at simplicitymedialtd.co.uk
Fri Jul 1 00:59:51 EST 2011


To do this, you'd need to de-attach the SSH session from that shell, and
drop them into a purpose built environment to perform the authentication.
However, I am not sure it is possible to do this without causing problems on
the existing shell (I don't know the SSH code well enough).

Another option, is that you could drop the user into a controlled 'screen'
session, and enforce your rules within that..?

Cal

On Thu, Jun 30, 2011 at 3:04 PM, Daniel Kahn Gillmor
<dkg at fifthhorseman.net>wrote:

> On 06/30/2011 09:48 AM, Hans Harder wrote:
> > Also if you do that in the middle of automatic script activity, I have
> > no idea what will go wrong
>
> I agree, this strikes me as a disaster waiting to happen.
>
> Eric, have you considered doing re-authorization without
> re-authentication?  It seems to me that you could take that approach
> much more cleanly (and simply terminate any ongoing connections that are
> found to be no-longer-authorized).
>
>        --dkg
>
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>


More information about the openssh-unix-dev mailing list