On 01:45 pm, tzury...@gmail.com wrote:
the code is available at: http://gist.github.com/37446
The point is that I am missing the knowledge needed in order to add
path control.
That is, controlling which path(s) a user can access.
UnixSSHRealm is a realm which returns SSH avatars that, like OpenSSH,
can run arbitrary shell commands as the given UNIX user.
The way you control which paths a user can access in this scenario is by
setting the filesystem permissions on those directories. Sorry, but
Twisted cannot magically change your UNIX filesystem so that arbitrary
commands see a different view of it.
If you want to write an SSH application server that does *not* allow
running UNIX commands, you are going to have to write a lot more code;
in effect, emulating a shell (or denying access to one entirely, as
described in http://cyli.livejournal.com/38382.html )
at http://twisted.conch.ssh.session.SSHSession.html#request_subsystem
it appears to be undocumented
This code could definitely be better documented, but I don't think your
question is related to subsystems. In order to see why, it would be
helpful for you to understand http://www.ietf.org/rfc/rfc4254.txt
section 6.5, "starting a shell or command", first. (A subsystem is just
a kind of command you can run.)
_______________________________________________
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
