Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 7 May 2012 15:53:09 -0300
From:      Paul Halliday <paul.halliday@gmail.com>
To:        "Randal L. Schwartz" <merlyn@stonehenge.com>
Cc:        questions@freebsd.org
Subject:   Re: Write only directory.
Message-ID:  <CAJfn-RHK0t1wqkB=ac8wir1f4Mgh1Uo2SwHDnULv6CxSmUkuDA@mail.gmail.com>
In-Reply-To: <86aa1jaksf.fsf@red.stonehenge.com>
References:  <CAJfn-REgWrEP-g9uAxGOpsvt8SxuKOf_xXr=5iy4SahP0cpvoA@mail.gmail.com> <86aa1jaksf.fsf@red.stonehenge.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 7, 2012 at 3:49 PM, Randal L. Schwartz
<merlyn@stonehenge.com> wrote:
>>>>>> "Paul" =3D=3D Paul Halliday <paul.halliday@gmail.com> writes:
>
> Paul> Is it possible to let a user write to a directory but not access th=
e
> Paul> file after they write it?
>
> Paul> The file is being transferred via scp and after the transfer I don'=
t
> Paul> want them to be able to re-fetch or even get a directory listing.
>
> scp is via ssh. =A0with ssh, they get a complete command line. =A0how are
> you going to prevent *that*?

The users shell is /bin/false

and sshd is setup like:

Match User a_user
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJfn-RHK0t1wqkB=ac8wir1f4Mgh1Uo2SwHDnULv6CxSmUkuDA>