Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 16 Sep 2008 00:46:36 -0500
From:      CyberLeo Kitsana <cyberleo@cyberleo.net>
To:        Ted Mittelstaedt <tedm@toybox.placo.com>
Cc:        Yury Michurin <yury.michurin@gmail.com>, freebsd-questions@freebsd.org
Subject:   Re: Being a shell provider - good business?
Message-ID:  <48CF483C.1020000@cyberleo.net>
In-Reply-To: <BMEDLGAENEKCJFGODFOCOEOHCFAA.tedm@toybox.placo.com>
References:  <BMEDLGAENEKCJFGODFOCOEOHCFAA.tedm@toybox.placo.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Ted Mittelstaedt wrote:
> But getting back to the discussion - the OP's friend seemed like
> he -wanted- to get involved in some rather Bad People.

I'm not entirely sure, but I can't find anyone in this thread whose
actually talked with the OP's friend other than the OP themselves, who
seems to be biased against the idea in the first place. I'm not sure how
such an assertion can be safely made under the circumstances.

Personally, I've always been looking for ways to secure the shell
service I provide, for things such as webspace file transfer and
MUCK/MUD gameserver hosting. I dislike providing FTP to people, as it's
so insecure and firewall-unfriendly, but chrooting SSH/SFTP in a
suitable manner is something I've never been able to successfully complete.

I had something going with Busybox on a test linux box, but alas,
compilation fails horribly on FreeBSD for reasons not adequately explored.

So, for now, I stick with judicious use of UID-based firewall rules,
careful application of unix file permissions, the
security.bsd.see_other_uids sysctl, and knowing personally each person I
host, so I can personally deal with them if they venture into
not-so-nice territory.

-- 
Fuzzy love,
-CyberLeo
Technical Administrator
CyberLeo.Net Webhosting
http://www.CyberLeo.Net
<CyberLeo@CyberLeo.Net>

Furry Peace! - http://wwww.fur.com/peace/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48CF483C.1020000>