On Wed, Aug 09, 2000 at 03:57:16PM -0600, Tobias Weingartner wrote: > On Wednesday, August 9, Justin Wells wrote: > > > > If I move to ssh, I will definately still be using chroot. Even on a > > box where there's nothing else important there is no justification for > > giving away full fledged shells to people who don't need them. > > Have a look at anoncvssh, with a rough 3-line change in that source code, > it can be substituted as a shell for most CVS users. No need to give > full shell access, although I would treat each and every CVS access (short > of full anoncvs access on a dedicated box) as being a full shell login > anyhow, due to possible funky things being done with CVSROOT/* scripts... Yeah I figure they'll get a shell, if they want it, so I'll make sure that they live in a chroot which has only a restricted shell, if one at all, and nothing interesting to attack. Justin
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Justin Wells
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Greg A. Woods
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Justin Wells
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Greg A. Woods
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Paul Sander
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Greg A. Woods
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Justin Wells
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Tobias Weingartner
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Derek R. Price
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Tobias Weingartner
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Justin Wells
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Mike Castle
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Justin Wells
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Mike Castle
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... David Thornley
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Mike Castle
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Laird Nelson
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Greg A. Woods
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Tony Hoyle
- Re: cvs-nserver and latest CVS advisory (Was: patch to ... Greg A. Woods
- Re: cvs-nserver and latest CVS advisory Tobias Weingartner