Date: Mon, 7 May 2012 15:53:09 -0300 From: Paul Halliday <paul.halliday@gmail.com> To: "Randal L. Schwartz" <merlyn@stonehenge.com> Cc: questions@freebsd.org Subject: Re: Write only directory. Message-ID: <CAJfn-RHK0t1wqkB=ac8wir1f4Mgh1Uo2SwHDnULv6CxSmUkuDA@mail.gmail.com> In-Reply-To: <86aa1jaksf.fsf@red.stonehenge.com> References: <CAJfn-REgWrEP-g9uAxGOpsvt8SxuKOf_xXr=5iy4SahP0cpvoA@mail.gmail.com> <86aa1jaksf.fsf@red.stonehenge.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 7, 2012 at 3:49 PM, Randal L. Schwartz
<merlyn@stonehenge.com> wrote:
>>>>>> "Paul" == Paul Halliday <paul.halliday@gmail.com> writes:
>
> Paul> Is it possible to let a user write to a directory but not access the
> Paul> file after they write it?
>
> Paul> The file is being transferred via scp and after the transfer I don't
> Paul> want them to be able to re-fetch or even get a directory listing.
>
> scp is via ssh. with ssh, they get a complete command line. how are
> you going to prevent *that*?
The users shell is /bin/false
and sshd is setup like:
Match User a_user
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJfn-RHK0t1wqkB=ac8wir1f4Mgh1Uo2SwHDnULv6CxSmUkuDA>