[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [off-topic?] Chrooting ssh/telnet users?

On Fri, 2001-10-26 at 15:51, Rishi L Khan wrote:
> Set the shell for the user in /etc/passwd to a script that chroots and
> then spawns a shell.
> 		-rishi

Hmmm, That wouldn't work as intended - since the jailed environment
would have to contain all files/libraries the user needs to get his work

> On Fri, 26 Oct 2001, Javier [iso-8859-1] Fernández-Sanguino Peña wrote:
> > Chrooting the daemon is a possibility, but it's not tailored in a per-user
> > basis but globally to all users (besides you need all the tools that users
> > might want to use in the jail). I'm looking more into a jailed enviroment
> > like proftpd's when you sed "DefaultRoot ~" (jails the user into his home
> > directory but he's able to use all commands, without having to setup all
> > the libraries in it).

Unfortunately, I can't see how this should be done. The reason it works
with proftpd is because it has those common commands builtin and does
not depend on the files being in the jail.
However, how would you use ls which resides in /bin/ls, if you are
jailed into /home/username ??  As I see it, it cannot be done (though it
would be nice)

Paul Fleischer

Reply to: