On Thu, Jan 10, 2002 at 04:46:26PM +0100, Marcel Hicking wrote: > No way. > /bin/true will log you out right away, > and therefore you cannot start scp. > I've doublechecked this yesterday, and > even tried to put "exit " into the .bashrc > *This* did work fine, no ssh anymore, but scp > works. But! unforunatelly the user can scp > an new .bashrc or use ssh and rm to remove it. Late to the discussion so I may have missed something ... can't you chattr +i the .bashrc file, then chmod 750 /usr/bin/chattr ? Of course if the user can copy their own chattr binary using scp and execute it somehow, this doesn't work :) -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Ltd. | than a perfect plan tomorrow. mailto:nnorman@micromuse.com | -- Patton
Attachment:
pgpX8omdae6ez.pgp
Description: PGP signature