Date: Sat, 16 Nov 2002 16:31:25 +0100
From: Anders Nordby <anders@FreeBSD.org>
To: security@FreeBSD.org
Subject: Limiting commands to run with SSH key authorization
Message-ID: <20021116153124.GA58620@totem.fix.no>

Howdy,

I just finished a Perl program to verify whether the program intended for running through SSH with key based authorization:

a) has only valid characters.
b) matches an authorized_keys configurable regexp, if you want to be able to run for example "rsync --server WHATNOT".

example authorized_keys:

command="/usr/local/bin/checksshcmd -c \"^rsync --server \"" 1024 35 XXXXX.. foo@barhost

If a and b are not satisfied, the program intended to run will not.

I've attached the program. I'd be happy to receive feedback on the security/usability of it, as you see it. Or if you have any improvements you can think of..

Sometimes you may need to allow the user to have some variations on the commands to use, this is an attempt to address that as opposed to just using command= some command that runs a specific command only.

(Perl haters can go to /dev/null.)

Cheers,

-- 
Anders.

[Attachment: checksshcmd.pl (application/x-perl)]

#! /usr/bin/perl -T
# anders@fix.no, 2002-11-13

# do not include dash to allow "-", it's hard-coded to be possible to use in
# the regexp (- is normally a range)
$okchars = "a-zA-Z/. ";

use Getopt::Std;

# Taint mode: set a fixed PATH and drop environment variables that can
# influence how a shell or child process behaves.
$ENV{PATH} = "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};

sub enotallowed
{
    print "Not allowed to run program.\n";
    exit 1;
}

# -c <regexp>: pattern the requested command must match (set per key in
# authorized_keys).
getopts('c:');

# sshd puts the command the client asked for in SSH_ORIGINAL_COMMAND when a
# forced command (command="...") is in effect.
$runcmd = $ENV{SSH_ORIGINAL_COMMAND};

# Check a): only allowed characters. The capture also untaints $runcmd.
if ($runcmd =~ /^([-$okchars]+)$/) {
    $runcmd = $1;
} else {
    enotallowed;
}

# Check b): the command must match the -c regexp, otherwise refuse.
if ((defined $opt_c) && ($ENV{SSH_ORIGINAL_COMMAND} =~ /$opt_c/)) {
    exec($runcmd);
} else {
    enotallowed;
}
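
A dry-run harness for trying a -c pattern against candidate commands before putting it in authorized_keys. This is an added example, not part of the original message or the attached checksshcmd.pl; the function name check_command and the sample commands are constructed here. It goes slightly beyond the attachment by anchoring with \A and \z and by returning a word list suitable for list-form exec.

```perl
#!/usr/bin/perl
# Added example (not the attached checksshcmd.pl): dry-run of the two checks
# described in the post. Nothing is executed; results are only printed.
use strict;
use warnings;

# Same allowlist as the post: letters, "/", ".", space, plus a literal "-".
my $okchars = "a-zA-Z/. ";

# check_command (hypothetical helper): returns the argument list that would
# be run, or an empty list if the command is rejected.
sub check_command {
    my ($cmd, $pattern) = @_;
    return () unless defined $cmd && defined $pattern;

    # Check a): allowlisted characters only. \A and \z match the whole
    # string, so a trailing newline is rejected as well.
    return () unless $cmd =~ /\A([-$okchars]+)\z/;
    my $clean = $1;

    # Check b): the per-key regexp given with -c in authorized_keys.
    return () unless $clean =~ /$pattern/;

    # Split on whitespace so the caller can use list-form exec(@argv),
    # which never passes the string through a shell.
    return split ' ', $clean;
}

# Pattern from the post's authorized_keys example.
my $pattern = '^rsync --server ';

# Constructed sample commands, as they would arrive in SSH_ORIGINAL_COMMAND.
my @samples = (
    'rsync --server --sender -vlogDtpr . /home/foo/',  # expected use
    'rsync --server . /home/foo/; id',                 # ";" is not allowlisted
    'rsync --server -e.L . /backup2/',                 # digits are not allowlisted
    'ls /home/foo',                                    # fails the -c regexp
);

for my $cmd (@samples) {
    my @argv = check_command($cmd, $pattern);
    printf "%-6s %s\n", (@argv ? 'ALLOW' : 'DENY'), $cmd;
}
```

The third sample shows a usability effect of the allowlist as posted: any rsync option string or path containing a digit is refused until digits are added to the allowed characters.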