Larry Jones wrote:
Wim Bertels writes:
cvs is up and running, but by using the ext method users automatically gain
shell access to the cvs server, this in NOT intended, how do you solve this.
You can configure sshd to only allow certain commands -- see the sshd
documentation for
[EMAIL PROTECTED] writes:
Larry Jones wrote:
Wim Bertels writes:
cvs is up and running, but by using the ext method users
automatically gain shell access to the cvs server, this in NOT
intended, how do you solve this.
You can configure sshd to only allow certain commands --
[EMAIL PROTECTED] writes:
What sshd option are you refering to? I looked in the docs, and could
not find such a configuration parameter. I would expect this man page
is for the latest sshd, 3.7p1, or later.
See the command= option in the AUTHORIZED_KEYS file.
-Larry Jones
The game's
On Wed, Sep 24, 2003 at 04:56:19PM -0700, Mike Castle wrote:
In article [EMAIL PROTECTED],
Wim Bertels [EMAIL PROTECTED] wrote:
Houdi,
Its a remote clients/server setup,
cvs is up and running, but by using the ext method users automatically gain
shell access to the cvs server, this in NOT
On Fri, 26 Sep 2003 02:57 am, Rob Helmer wrote:
1) permanently delete files under CVS control
2) run arbitrary commands (including commands they upload)
1 is bad enough, but 2 could allow them (or someone with access to their
account) to use the server for any manner of attack on other
There are three basic mechanisms you may use:
a) $HOME/.ssh/authorized_keys may contain the following option:
command=command
Specifies that the command is executed whenever this key is
used
for authentication. The command supplied by the user (if
any) is
Wim Bertels [EMAIL PROTECTED] writes:
for now this what i did:
for example:
1. SSH
if u put
test: ... :/var/lib/cvs:usr/bin/cvs
Assuming you meant to put /usr/bin/cvs in the passwd file, this is not
good as it needs the 'server' command-line argument rather than whatever
arguments the
In article [EMAIL PROTECTED],
Wim Bertels [EMAIL PROTECTED] wrote:
Houdi,
Its a remote clients/server setup,
cvs is up and running, but by using the ext method users automatically gain
shell access to the cvs server, this in NOT intended, how do you solve this.
(i need to use ssh because i have