Date: Mon, 14 Jun 2004 12:38:58 +0100 From: Bruce M Simpson <bms@spc.org> To: cjclark@alum.mit.edu Cc: Dan Rue <drue@therub.org> Subject: Re: [Freebsd-security] Re: Multi-User Security Message-ID: <20040614113858.GA13028@empiric.dek.spc.org> In-Reply-To: <20040609145223.GA53862@blossom.cjclark.org> References: <20040518160517.GA10067@therub.org> <OPEPILILPLAKPFCNKOKAGEGHCBAA.remko@elvandar.org> <20040520033024.GA26640@therub.org> <20040606233720.F1850@ync.qbhto.arg> <20040607204149.GC75747@blossom.cjclark.org> <20040609050217.Q5839@ync.qbhto.arg> <20040609145223.GA53862@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 09, 2004 at 07:52:23AM -0700, Crist J. Clark wrote: > To do scp-only, you either need (a) a hacked up sshd(8) daemon, (b) a > jailed environment, or (c) a special shell for the user that only allows > scp(1) to run. The funny thing is, I think (c) is probably the easiest > to implement on a mass scale, but seems to be the option most seldom > considered. ports/shells/scponly BMS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040614113858.GA13028>