[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Any HOWTOs for setting up a chroot jail for ssh users?

To: Allan <am@topnet.de>
Subject: Re: Any HOWTOs for setting up a chroot jail for ssh users?
From: Paul de Weerd <paul@mail.me.maar.nu>
Date: Wed, 13 Feb 2002 13:55:51 +0100
Cc: Kaelin Colclasure <kaelin@resilience.com>, misc@openbsd.org
Content-Disposition: inline
References: <B87AF82A.2065%kaelin@resilience.com> <20020213124841.GD1483@wopr.topnet.de>
User-Agent: Mutt/1.3.25i

On Wed, Feb 13, 2002 at 01:48:41PM +0100, Allan wrote:
| Am Mon, Jan 28, 2002 at 12:44:26PM -0800, schrieb Kaelin Colclasure:
| > I need to put a small subset of user accounts into this jail, and restrict
| > them to a small set of commands (primarily rsync via ssh transport, plus the
| > basic file management stuff in their own home directories).
| 
| For those jailed users it should be possible to copy and execute binaries 
| in their home directories.  You can not really restrict what programs they
| can run. 

You could mount your fs with noexec (see mount(8)), restricting all
execution of uploaded binaries.

Just my 0.02 euros,

Paul 'WEiRD' de Weerd

-- 
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]

Follow-Ups:
- Re: Any HOWTOs for setting up a chroot jail for ssh users?
  - From: Allan <am@topnet.de>

References:
- Re: Any HOWTOs for setting up a chroot jail for ssh users?
  - From: Allan <am@topnet.de>

Prev by Date: Re: Any HOWTOs for setting up a chroot jail for ssh users?
Next by Date: Pf blocking FIN packets, why?
Prev by thread: Re: Any HOWTOs for setting up a chroot jail for ssh users?
Next by thread: Re: Any HOWTOs for setting up a chroot jail for ssh users?
Index(es):
- Date
- Thread