I have very special needs and i wanted to use rsync over ssh. I don't know if a solution already exists for what i want to do. I want to provide rsync over ssh to my users. Howevern i want to have the following limitations :
1. No shell access
2. Limitting users to their home directories
I was thinking to the folowing solution, but i don't know if it is secure enough :
Create a dummy-shell sor ssh login that only allow the rsync --server --sender command. Then i get the path of the wanted files, and i appened it to the home directory of the user. Ex : the user requests /test, i give him : /home/usrname/test
Then i uses the realpath function to canonicalize the path and i check that it really begins with /home/usrname to prevent users from getting files outside of their home directory.
I execute the rsync command with the new built path...
I think this should work but i would like to know what do you think about security.
If this is ok, i will code the dummy-shell and put it online for those who would like to do similar things...
Thanks in advance, Bob -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
