[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: how to make Debian less fragile (long and philosophical)

Good point. That explains it, though I still feel it should be 
mentioned in the sshd manpage (not a Debian problem).

It does mean that sshd cannot be relied on to get a root shell 
unless root has a static shell.

Justin

On Fri, Aug 20, 1999 at 07:55:20AM -0400, Michael Stone wrote:
> On Fri, Aug 20, 1999 at 12:15:18AM -0400, Justin Wells wrote:
> > By the way, so far as I know, that's an undocumented behavior of 
> > sshd that is really annoying. The manpage claims that the client 
> > "either requests a shell or execution of a command". So I suppose
> > technically it's allowed to invoke the shell and pass the command
> > via the -c argument, since "execution of a command" doesn't 
> > specifically mention a mechanism, but you really would expect 
> > it to just call exec().
> 
> If the administrator sets a user up with a restricted shell, he expects
> that any login mechanism will use that shell--including ssh.
> 
> Mike Stone
Reply to: