Re: Multi-User Security
From: Jan Grant (Jan.Grant_at_bristol.ac.uk)
Date: Mon, 17 May 2004 14:24:29 +0100 (BST) To: Frankye - ML <email@example.com>
On Mon, 17 May 2004, Frankye - ML wrote:
> On Mon, 17 May 2004 14:08:40 +0200 (CEST)
> "David E. Meier" <firstname.lastname@example.org> wrote:
> | We would like to offer to some customers of ours some sort of network
> | backup/archive. They would put daily or weekly backups from their local
> | machine on our server using rsync and SSH. Therefore, they all have a
> | user account on our server. However, we must ensure that they would
> | absolutely not be able to access any data of each other at all.
> Just my 2 cents: I've found very useful some shells that permits just some
> subset of commands, for example shells/scponly, sysutils/bksh or
> sendmail's smrsh.
> Since you're using ssh you might also find useful the command= statement
> in .ssh/authorized_keys
However, if you are using rsync or some other complex endpoint on the
server, you are also reliant on that having no way to subvert its
protocol or operation from the client side. "command=" settings in the
ssh config are a good starting point, but for defense in depth you
probably want careful control of filesystem access, be it through a jail
or some other mechanism.
-- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/ Not as randy or clumsom as a blaster. _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "firstname.lastname@example.org"