On 26/10/01, Javier Fernández-Sanguino Peña wrote:
> The problem is, how can an admin restrict remote access from a given user
> (through telnet and/or sshd) in order to limit his "moves" inside the
> operating system.
[...]
> AFAIK, pam only allows to limit some user accesses (cores, memory
> limi
Rishi L Khan <[EMAIL PROTECTED]> writes:
> I think the only way to accomplish a chroot IS to include all the files
> in the jail that the user needs.
[snip]
Yes. Somehow, if you're going to run something, it needs to be in the jail.
Various alternatives to consider for various reasons : busybox,
On 26/10/01, Javier Fernández-Sanguino Peña wrote:
> The problem is, how can an admin restrict remote access from a given user
> (through telnet and/or sshd) in order to limit his "moves" inside the
> operating system.
[...]
> AFAIK, pam only allows to limit some user accesses (cores, memory
> lim
I think the only way to accomplish a chroot IS to include all the files in
the jail that the user needs.
-rishi
On 26 Oct 2001, Paul Fleischer wrote:
>
> On Fri, 2001-10-26 at 15:51, Rishi L Khan wrote:
> > Set the shell for the user in /etc/passwd to a script that chroots and
>
On Fri, 26 Oct 2001, Rishi L Khan wrote:
> Set the shell for the user in /etc/passwd to a script that chroots and
> then spawns a shell.
That is very difficult to do. Chroot can only be run by root.
> On Fri, 26 Oct 2001, Javier [iso-8859-1] Fernández-Sanguino Peña wrote:
>
> > I have been asked
On Fri, 2001-10-26 at 15:51, Rishi L Khan wrote:
> Set the shell for the user in /etc/passwd to a script that chroots and
> then spawns a shell.
>
> -rishi
Hmmm, That wouldn't work as intended - since the jailed environment
would have to contain all files/libraries the user needs t
recently i've worked on a small patch for openssh that chroots a user when
he logs in. it uses mysql for password auth. it is not posted anyware but
if you want it, send me a personal mail.
Ivan Dimitrov
System Administrator
Bastun Networks
On Fri, 26 Oct 2001, Javie
Set the shell for the user in /etc/passwd to a script that chroots and
then spawns a shell.
-rishi
On Fri, 26 Oct 2001, Javier [iso-8859-1] Fern?ndez-Sanguino Pe?a wrote:
> I have been asked for this and I was trying to figure out how to do it
> (would document it later on in the
I have been asked for this and I was trying to figure out how to do it
(would document it later on in the Securing-Debian-Manual). So please,
excuse me if you feel this is off-topic.
The problem is, how can an admin restrict remote access from a given user
(through telnet and/or sshd) in order to
Rishi L Khan <[EMAIL PROTECTED]> writes:
> I think the only way to accomplish a chroot IS to include all the files
> in the jail that the user needs.
[snip]
Yes. Somehow, if you're going to run something, it needs to be in the jail.
Various alternatives to consider for various reasons : busybox,
I think the only way to accomplish a chroot IS to include all the files in
the jail that the user needs.
-rishi
On 26 Oct 2001, Paul Fleischer wrote:
>
> On Fri, 2001-10-26 at 15:51, Rishi L Khan wrote:
> > Set the shell for the user in /etc/passwd to a script that chroots and
>
On Fri, 26 Oct 2001, Rishi L Khan wrote:
> Set the shell for the user in /etc/passwd to a script that chroots and
> then spawns a shell.
That is very difficult to do. Chroot can only be run by root.
> On Fri, 26 Oct 2001, Javier [iso-8859-1] Fernández-Sanguino Peña wrote:
>
> > I have been aske
On Fri, 2001-10-26 at 15:51, Rishi L Khan wrote:
> Set the shell for the user in /etc/passwd to a script that chroots and
> then spawns a shell.
>
> -rishi
Hmmm, That wouldn't work as intended - since the jailed environment
would have to contain all files/libraries the user needs
recently i've worked on a small patch for openssh that chroots a user when
he logs in. it uses mysql for password auth. it is not posted anyware but
if you want it, send me a personal mail.
Ivan Dimitrov
System Administrator
Bastun Networks
On Fri, 26 Oct 2001, Javi
Set the shell for the user in /etc/passwd to a script that chroots and
then spawns a shell.
-rishi
On Fri, 26 Oct 2001, Javier [iso-8859-1] Fernández-Sanguino Peña wrote:
> I have been asked for this and I was trying to figure out how to do it
> (would document it later on in th
I have been asked for this and I was trying to figure out how to do it
(would document it later on in the Securing-Debian-Manual). So please,
excuse me if you feel this is off-topic.
The problem is, how can an admin restrict remote access from a given user
(through telnet and/or sshd) in order to
on Tue, Oct 16, 2001 at 06:09:34PM -0700, Dansuki Ahmed ([EMAIL PROTECTED])
wrote:
> FROM: COL. DANSUKI AHMED
>
> Sir,
>
> I am a Colonel and presently in Kuwait as a military
> attach?, I got your contact through your country's
> chamber of commerce.
I realize this is about a week stale (some
on Tue, Oct 16, 2001 at 06:09:34PM -0700, Dansuki Ahmed ([EMAIL PROTECTED])
wrote:
> FROM: COL. DANSUKI AHMED
>
> Sir,
>
> I am a Colonel and presently in Kuwait as a military
> attach?, I got your contact through your country's
> chamber of commerce.
I realize this is about a week stale (som
18 matches
Mail list logo
