13 messages in org.freebsd.freebsd-securityRe: your mail| From | Sent On | Attachments |
|---|---|---|
| Oleg Shevtsov | Jan 20, 2003 2:13 am | |
| zhuravlev alexander | Jan 20, 2003 2:22 am | |
| Olafur Osvaldsson | Jan 20, 2003 2:22 am | |
| Oleg Shevtsov | Jan 20, 2003 2:36 am | |
| Peter Elsner | Jan 20, 2003 5:59 am | |
| David Bell | Jan 20, 2003 6:21 am | |
| Crist J. Clark | Jan 20, 2003 1:39 pm | |
| David Schultz | Jan 20, 2003 2:55 pm | |
| Anthony Schneider | Jan 20, 2003 3:51 pm | |
| Crist J. Clark | Jan 20, 2003 4:24 pm | |
| David Schultz | Jan 20, 2003 4:50 pm | |
| Anthony Schneider | Jan 20, 2003 5:40 pm | |
| Gaspar Chilingarov | Mar 6, 2003 3:52 am |
| Subject: | Re: your mail | |
|---|---|---|
| From: | Anthony Schneider (anth...@x-anthony.com) | |
| Date: | Jan 20, 2003 3:51:30 pm | |
| List: | org.freebsd.freebsd-security | |
statically linked? is /sbin/nologin not a shell script anymore?
-Anthony.
On Mon, Jan 20, 2003 at 02:56:09PM -0800, David Schultz wrote:
Thus spake zhuravlev alexander <za...@ulstu.ru>:
On Mon, Jan 20, 2003 at 12:13:23PM +0200, Oleg Shevtsov wrote:
Hi, how to give specific user FTP but no shell access? Ftpd's manual says: 4. The user must have a standard shell returned by getusershell(3). But I don't want to give shell account.
/sbin/nologin ?
If you do it this way, you need to ensure that either the ``FTP-only'' users do not have home directories or that /sbin/nologin is statically linked (the default). Otherwise, it is possible to exploit a bug (ahem, feature) in OpenSSH to gain shell access on your box.
To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message