I've been playing around with the scp and sftp components of putty and
noticed what I consider a security hole. Winscp does the same thing.
The user can change to directories above their home. Is there a way to
chroot them like you can in an ftp config file? I don't see anything in
the sshd
Jon McCain [EMAIL PROTECTED] cum veritate scripsit:
I've been playing around with the scp and sftp components of putty and
noticed what I consider a security hole. Winscp does the same thing.
The user can change to directories above their home. Is there a way to
chroot them like you can
hi ya
i'd do it with automounter w/ ssh ???
mount remote:/home/httpd/html /mnt/html
scp /home/user/new_site.html /mnt/html
sync
umount /mnt/html
mount is not needed if it is configured to auotmount
and user does NOT need shell account on the remote web server
you also cannot cd / on the
martin f krafft wrote:
also sprach Noah Meyerhans [EMAIL PROTECTED] [2002.03.29.2332 +0100]:
Such a package has existed at http://people.debian.org/~ivo/ for over a
year.
okay, but noone knows about it. why isn't it on security.debian.org
yet???
Beats me...
Ivo
--
Hey, it
also sprach Ivo Timmermans [EMAIL PROTECTED] [2002.03.30.0845 +0100]:
okay, but noone knows about it. why isn't it on security.debian.org
yet???
Beats me...
i don't get it. will someone please push this package ivo made as an
NMU into security.debian.org ASAP? i'd do it myself, but i am
I've been playing around with the scp and sftp components of putty and
noticed what I consider a security hole. Winscp does the same thing.
The user can change to directories above their home. Is there a way to
chroot them like you can in an ftp config file? I don't see anything in
the sshd
hi ya
i'd do it with automounter w/ ssh ???
mount remote:/home/httpd/html /mnt/html
scp /home/user/new_site.html /mnt/html
sync
umount /mnt/html
mount is not needed if it is configured to auotmount
and user does NOT need shell account on the remote web server
you also cannot cd / on the
7 matches
Mail list logo