Re: Restrict commands for all users

From: Chris Jensen (cjensen_at_gmail.com)
Date: 08/13/04

  • Next message: jniehof_at_bu.edu: "PAM and password authentication"
    Date: Fri, 13 Aug 2004 09:26:42 +1000
    To: secureshell@securityfocus.com
    
    

    On Thu, 12 Aug 2004 18:20:08 +1000, Chris Jensen <cjensen@gmail.com> wrote:
    > > Have you tried to just change their login shell to "/usr/bin/unison" ?
    > I was under the impression (from reading other posts) that this isn't
    > a secure solution as it is possible for the client to request an
    > alternate shell

    Also, wouldn't this mean that when the client end executes
    ssh user@server unison -arg1 -arg2
    that the remote server would execute
    /usr/bin/unison unison -arg1 -arg2

    (ie launch the shell, passing it the command to execute, and the
    arguments to that command, but as far as unison is concerned, the
    first argument is erronious.)


  • Next message: jniehof_at_bu.edu: "PAM and password authentication"

    Relevant Pages

    • Re: server/client program design advice wanted
      ... > command with those parameter, ... i've never done network programming so please be ... ssh will also let you execute programs remotely. ... Be sure to check the incoming parameters from the client before ...
      (comp.lang.perl)
    • Re: Sending invoices fax and e-mail with FJ Powercobol
      ... I have the number of fax in the database of the client. ... You need to find software that will accept a command line to do what ... BLAT message.txt -to accounts@xxxxxxxxxxxx -attach I123456.PDF ... do to execute a command line. ...
      (comp.lang.cobol)
    • Re: Sending invoices fax and e-mail with FJ Powercobol
      ... I have the number of fax in the database of the client. ... You need to find software that will accept a command line to do what ... BLAT message.txt -to accounts@xxxxxxxxxxxx -attach I123456.PDF ... do to execute a command line. ...
      (comp.lang.cobol)
    • deploy "caspol command" in batfile from the server
      ... I have a windows application that execute a windows logon in the client ... For run this application in the client from the server its would needed to ... I want to know how and where I need to deploy this command from the server ...
      (microsoft.public.dotnet.security)
    • Re: Stored procedure/trigger and scripts
      ... must have been the trigger that locked up the table. ... SQL Server has permissions to execute xp_cmdshell. ... >> client to change their password they have to call the "Client Relations" ...
      (microsoft.public.sqlserver.programming)