Re: ProFtpd question

To: debian-security@lists.debian.org
Subject: Re: ProFtpd question
From: Kalev Kadak <kalev@grupp.ee>
Date: Thu, 28 Jun 2001 10:20:39 +0200 (EET)
Message-id: <[🔎] Pine.LNX.4.21.0106281009240.9015-100000@lx.grupp.ee>
In-reply-to: <[🔎] 20010627130714.B929@toontown.erial.nj.us>


On Jun 27, 2001 13:07 -0400 rsnyder@toontown.erial.nj.us wrote to...:


|> You add /bin/ftponly in /etc/shells.
|
|And if I'm not mistaken, if they are somehow now able to execute the
|chsh command, then they have a valid shell account they can log in to. :-(
|
|While they shouldn't be able to run chsh, or the equivalent, putting their
|shell in /etc/shells puts them that much closer to an account.
|

chroot will help to prevent this kind of attempts if you consider
/bin/false not so safe. User will be chrooted to allowed ground and there
will be no way back. Or is there?. Watch out for links. They may get
broken.

Kalev

Reply to:

References:
- Re: ProFtpd question
  - From: <rsnyder@toontown.erial.nj.us>

Prev by Date: Re: ProFtpd question
Next by Date: Re: ProFtpd question
Previous by thread: Re: ProFtpd question
Next by thread: Re: Is this an attack ?
Index(es):
- Date
- Thread