Re: SSH access restrictions
On Sat, 18 Oct 2003 11:23, Rudi Starcevic wrote:
> For example once he/she is logged in is there any way to deny, say,
> reading the /etc/passwd file ?
> Can they be restricted like the way a user can be restricted using FTP ?
I have heard of people setting up chroot environments for ssh accounts which
is the same restriction as is usually used for anonymous FTP.
But for file access there is no way of doing it using Unix permissions. If
you use a security system such as SE Linux, systrace, RSBAC, or GRSEC then
you can do such things.
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page