Re: your mail
From: David Schultz (dschultz@uclink.Berkeley.EDU)
Date: 01/20/03
- Next message: Anthony Schneider: "Re: your mail"
- Previous message: Crist J. Clark: "ftpd.c DoS Fix"
- In reply to: zhuravlev alexander: "Re: your mail"
- Next in thread: Anthony Schneider: "Re: your mail"
- Reply: Anthony Schneider: "Re: your mail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 20 Jan 2003 14:56:09 -0800 From: David Schultz <dschultz@uclink.Berkeley.EDU> To: zhuravlev alexander <zaa@ulstu.ru>
Thus spake zhuravlev alexander <zaa@ulstu.ru>:
> On Mon, Jan 20, 2003 at 12:13:23PM +0200, Oleg Shevtsov wrote:
> >
> > Hi,
> > how to give specific user FTP but no shell access?
> > Ftpd's manual says:
> > 4. The user must have a standard shell returned by
> > getusershell(3).
> > But I don't want to give shell account.
>
> /sbin/nologin ?
If you do it this way, you need to ensure that either the
``FTP-only'' users do not have home directories or that
/sbin/nologin is statically linked (the default). Otherwise, it
is possible to exploit a bug (ahem, feature) in OpenSSH to gain
shell access on your box.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Anthony Schneider: "Re: your mail"
- Previous message: Crist J. Clark: "ftpd.c DoS Fix"
- In reply to: zhuravlev alexander: "Re: your mail"
- Next in thread: Anthony Schneider: "Re: your mail"
- Reply: Anthony Schneider: "Re: your mail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
