Re: scp and sftp

2002-03-31 Thread ambarish pathak
- Original Message - From: "Jon McCain" Sent: Sunday, March 31, 2002 8:54 AM > The user can change to directories above their home. > Is there a way to chroot them Use restricted bash shell for the user (/bin/rbash) in the /etc/passwd.

Re: Security-Update of LISTAR broken...

2002-03-31 Thread John Reinke
> Few days ago I updated the LISTAR maillist software (apt-get update; > ape-get dist-upgrade) with the latest security fix (a buffer overflow Perhaps the problem is with your second command. I've not had good luck with 'ape-get' either. Perhaps it is distantly related to the infinite monkeys prob

Re: scp and sftp

2002-03-31 Thread vdongen
> I've been playing around with the scp and sftp components of putty > and > noticed what I consider a security hole. Winscp does the same thing. > The user can change to directories above their home. Is there a way > to > chroot them like you can in an ftp config file? scp is merely a way to use

Security-Update of LISTAR broken...

2002-03-31 Thread Volker Tanger
Greetings! Few days ago I updated the LISTAR maillist software (apt-get update; ape-get dist-upgrade) with the latest security fix (a buffer overflow IIRC). Since then, the program won't work anymore - does not produce any output, returns with exit code 75 Seems the security fix is broken? Bye

Re: on potato's proftpd

2002-03-31 Thread Wichert Akkerman
Previously martin f krafft wrote: > wichert, it didn't. why should we discuss this before pushing the > temporary fix into the security archives??? Because it might impact other packages as well. > i'd also like to see answered, but right now, debian's got a semi-bug > in a package found on secur

Re: on potato's proftpd

2002-03-31 Thread Josip Rodin
On Sun, Mar 31, 2002 at 05:53:35PM +0200, martin f krafft wrote: > why should we discuss this before pushing the temporary fix into the > security archives??? Maybe because, as you say, the fix (read: workaround) is only temporary? :) Including a new rule in the conffile won't automatically fix e

Re: scp and sftp

2002-03-31 Thread Emmanuel Lacour
On Sat, Mar 30, 2002 at 10:24:28PM -0500, Jon McCain wrote: > I've been playing around with the scp and sftp components of putty and > noticed what I consider a security hole. Winscp does the same thing. > The user can change to directories above their home. Is there a way to > chroot them like

Re: on potato's proftpd

2002-03-31 Thread martin f krafft
also sprach Wichert Akkerman <[EMAIL PROTECTED]> [2002.03.31.1602 +0200]: > > i don't get it. will someone please push this package ivo made as an > > NMU into security.debian.org ASAP? i'd do it myself, but i am still > > waiting for DAM approval... > > I'ld like someone to answer my question fir

Re: on potato's proftpd

2002-03-31 Thread Wichert Akkerman
Previously martin f krafft wrote: > i don't get it. will someone please push this package ivo made as an > NMU into security.debian.org ASAP? i'd do it myself, but i am still > waiting for DAM approval... I'ld like someone to answer my question first: how come the glob fix in glibc doesn't fix pro

Re: scp and sftp

2002-03-31 Thread Mark Janssen
On Sun, 2002-03-31 at 05:24, Jon McCain wrote: > I've been playing around with the scp and sftp components of putty and > noticed what I consider a security hole. Winscp does the same thing. > The user can change to directories above their home. Is there a way to > chroot them like you can in an

Re: scp and sftp

2002-03-31 Thread Christian G. Warden
the commercial ssh server has an option to chroot to a user's home directory. there are patches available to openssh to do it also, though i don't know if they've been thoroughly audited. check out http://mail.incredimail.com/howto/openssh/ you can make sftp-server the user's shell to only allow
