[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH access restrictions


Though I'd post something I found on the net about rbash.
I haven't tested it yet.


But it's possible to get out from this chroot.

woockie_at_twoflower:~$ cd ..
rbash: cd: restricted
woockie_at_twoflower:~$ vi foo

in vi:
:set shell=/bin/sh
woockie_at_twoflower:~$ cd ..

[end quote]

It's disappointing if it's that easy.
Still if they do get out and misbehave you could catch them 
with monitoring.

For stronger restrictions PAM chroot and http://www.grsecurity.org
is a class option.


Reply to: