Date: Wed, 7 Nov 2001 15:23:54 -0800 (PST) From: David Kirchner <davidk@accretivetg.com> To: Magdalinin Kirill <bsdforumen@hotmail.com> Cc: <volax@uh.ru>, <freebsd-security@FreeBSD.ORG> Subject: Re: Chrooted SSH2 problem Message-ID: <20011107152206.C44499-100000@localhost> In-Reply-To: <F149ixaLIqdqo0czTxs00024e9b@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 5 Nov 2001, Magdalinin Kirill wrote: > If you want to allow a couple of users at your box, then > placing sh (which is statically linked) in > /home/chrooted/dummy/bin/ should do the trick. If there > must be many users, then consider making bin, usr and > even var directories under /home/chrooted, and chroot > all users to /home/chrooted. All binaries in bin, usr must > be statically linked or you will have to place all necessary > libraries over there, which is a security risk(?). Thankfully, you can get away with setting up a "skeleton" directory on that mountpoint and then creating hard links (with ln) from the skeleton directory to each chroot'd user directory. Note that this will only work (effectively) for regular files. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011107152206.C44499-100000>