Date: Tue, 16 Sep 2008 00:46:36 -0500 From: CyberLeo Kitsana <cyberleo@cyberleo.net> To: Ted Mittelstaedt <tedm@toybox.placo.com> Cc: Yury Michurin <yury.michurin@gmail.com>, freebsd-questions@freebsd.org Subject: Re: Being a shell provider - good business? Message-ID: <48CF483C.1020000@cyberleo.net> In-Reply-To: <BMEDLGAENEKCJFGODFOCOEOHCFAA.tedm@toybox.placo.com> References: <BMEDLGAENEKCJFGODFOCOEOHCFAA.tedm@toybox.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ted Mittelstaedt wrote: > But getting back to the discussion - the OP's friend seemed like > he -wanted- to get involved in some rather Bad People. I'm not entirely sure, but I can't find anyone in this thread whose actually talked with the OP's friend other than the OP themselves, who seems to be biased against the idea in the first place. I'm not sure how such an assertion can be safely made under the circumstances. Personally, I've always been looking for ways to secure the shell service I provide, for things such as webspace file transfer and MUCK/MUD gameserver hosting. I dislike providing FTP to people, as it's so insecure and firewall-unfriendly, but chrooting SSH/SFTP in a suitable manner is something I've never been able to successfully complete. I had something going with Busybox on a test linux box, but alas, compilation fails horribly on FreeBSD for reasons not adequately explored. So, for now, I stick with judicious use of UID-based firewall rules, careful application of unix file permissions, the security.bsd.see_other_uids sysctl, and knowing personally each person I host, so I can personally deal with them if they venture into not-so-nice territory. -- Fuzzy love, -CyberLeo Technical Administrator CyberLeo.Net Webhosting http://www.CyberLeo.Net <CyberLeo@CyberLeo.Net> Furry Peace! - http://wwww.fur.com/peace/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48CF483C.1020000>