Re: scp and sftp
On Mon, Apr 01, 2002 at 10:35:35AM -0500, Jon McCain wrote:
> All of this has gotten me to thinking about another flaw in the way I
> have things set up. I'm preventing users from getting to a $ by running
> a menu from their profile.
>
> exec /usr/bin/menu
>
> This works fine since the exec causes menu to become their shell
> process.
>
> But some smart user could get around this by using pscp to upload their
> own .bash_profile. Even if I fix it so I have them chroot'd on their
> home would not prevent this since this file is in their home.
>
> But changing permissions on the .bash_profile so they don't own it (and
> not in their group) should take care of that problem. They can read it
> all they want, just not change it.
Why not change the users' shell to /usr/bin/menu?
Bye,
Chris
--
http://www.tuxedo.org/~esr/faqs/smart-questions.html
__ _
-o)/ / (_)__ __ ____ __ Chris Reeves
/\\ /__/ / _ \/ // /\ \/ / ICQ# 22219005
_\_v __/_/_//_/\_,_/ /_/\_\
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: