Glyph, thanks for your attention and time. I am afraid I was not clear wit hmy question so please allow me to elaborate.
> The way you control which paths a user can access in this scenario is by > setting the filesystem permissions on those directories. Sorry, but Twisted > cannot magically change your UNIX filesystem so that arbitrary commands see > a different view of it. I don't want to create a UNIX user per client. I want to design the system in a way that all the clients will access using one single 'public' account. In fact, each client is already pushing its files to it associated 'home' folder. However, I want to be able to control it in case someone is hacking with the system, so to ensure it cannot access any other paths but the one which is associated with its rsa_key I've investigated jailkit and gitosis and other approaches and was not satisfied with the final result. That's the reason why I am not using OpenSSH server and trying to make it possible with Twisted. I think it will make a much more scalable and flexible system. I strongly believe that others will find this project useful. > If you want to write an SSH application server that does *not* allow running > UNIX commands, you are going to have to write a lot more code; in effect, > emulating a shell (or denying access to one entirely, as described in > http://cyli.livejournal.com/38382.html ) I don't want to supply shell or any other interactive mode for a user. This is all to be done at the client side 'automatically' using custom sftp/ssh client e.g. bzr branch sftp://u...@server:port/allowed_path_only > This code could definitely be better documented, but I don't think your > question is related to subsystems. when running the command mentioned above (bzr branch sftp://u...@server:port/allowed_path_only) only SSHSession.request_subsystem is called (neither request_shell nor request_exec) - that's why I brought it up. _______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
