Re: Locking down ssh config in large env
From: lonely wolf (wolfy_at_nobugconsulting.ro)
Date: 09/28/04
- Previous message: Baker, Darryl: "RE: OpenSSH -- a way to block recurrent login failures?"
- Next in thread: Atro Tossavainen: "Re: Locking down ssh config in large env"
- Maybe reply: Atro Tossavainen: "Re: Locking down ssh config in large env"
- Reply: David M. Andersen: "Re: Locking down ssh config in large env"
- Maybe reply: Atro Tossavainen: "Re: Locking down ssh config in large env"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Sep 2004 02:08:01 +0300
Greg Wooledge wrote:
> On Tue, Sep 21, 2004 at 11:08:45AM -0700, Robert Hajime Lanning wrote:
>
>>Actually if the .ssh directory is owned by root (and everything in it)
>>with the user not having write access to it, the user cannot delete the .ssh directory.
>
>
> But if the user owns her own $HOME, she can rename the .ssh directory
> to something else, then create a new .ssh directory with contents of
> her choice. (Yes, even if root owns .ssh.)
>
>
>>Directories cannot be deleted
>>unless they are empty. You cannot delete a file unless you can write
>>to the directory.
>>This is implemented in the filesystem driver to keep filesystem consistency.
>
>
> Correct, but not useful in this case, unless you're willing to take
> away users' ownerships of their own $HOME dirs. And if you do that,
> then they aren't really full-fledged users any more.
>
console 1:
[root@wolfy2 wolfy]# mkdir testulica
[root@wolfy2 wolfy]# touch testulica/mmm
console 2:
[wolfy@wolfy2 wolfy]$ rm testulica/ -fR
rm: cannot remove `testulica//mmm': Permission denied
[wolfy@wolfy2 wolfy]$ mv testulica/ gigi
so.. nothing new so far. BUT:
console 1:
[root@wolfy2 wolfy]# chattr +i gigi
console 2:
[wolfy@wolfy2 wolfy]$ mv gigi vasile
mv: cannot move `gigi' to `vasile': Operation not permitted
and even:
[root@wolfy2 wolfy]# rm -fR gigi/
rm: cannot remove `gigi//mmm': Permission denied
Of course, this will not prevent a determined user from using his own
compiled copy of ssh which does not make use of .ssh but of renamed
folder[s]/file[s].
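The three conditions the thread arrives at (.ssh owned by root, not writable by the user, and either the user does not own $HOME or .ssh carries the immutable attribute so it cannot be moved aside) can be checked per account. The script below is an added audit example, not code from the mail or the thread; it assumes GNU coreutils stat(1) and lsattr(1) from e2fsprogs on an ext2/3/4 filesystem, and treats any filesystem where lsattr fails as "not immutable".

```shell
# ssh_dir_locked HOME_DIR
# Returns 0 when HOME_DIR/.ssh cannot be deleted, renamed aside or replaced
# by the account owner, 1 otherwise (each failing condition is printed).
# Assumption: GNU stat(1) and e2fsprogs lsattr(1); on a filesystem without
# ext attributes lsattr fails and the directory counts as not immutable.
ssh_dir_locked() {
    home=$1
    sshdir=$home/.ssh
    ok=0

    if [ ! -d "$sshdir" ]; then
        echo "$sshdir: missing, so the user can simply create it"
        return 1
    fi

    # 1. The directory itself must belong to root ...
    if [ "$(stat -c %u "$sshdir")" != 0 ]; then
        echo "$sshdir: not owned by root (uid $(stat -c %u "$sshdir"))"
        ok=1
    fi

    # 2. ... and must not be group- or world-writable, otherwise the entries
    #    inside it (authorized_keys, config) can be unlinked and re-created.
    case "$(stat -c %A "$sshdir")" in
        ?????w????|????????w?)
            echo "$sshdir: group or world writable ($(stat -c %A "$sshdir"))"
            ok=1 ;;
    esac

    # 3. If the user owns $HOME, a root-owned .ssh can still be renamed out of
    #    the way and a fresh one created; the immutable attribute on .ssh is
    #    what makes the rename fail with "Operation not permitted".
    attrs=$(lsattr -d "$sshdir" 2>/dev/null | cut -d' ' -f1)
    case "$attrs" in
        *i*) immutable=1 ;;
        *)   immutable=0 ;;
    esac
    if [ "$(stat -c %u "$home")" != 0 ] && [ "$immutable" -eq 0 ]; then
        echo "$home: owned by its user and $sshdir is not immutable, so 'mv .ssh aside' works"
        ok=1
    fi

    if [ "$ok" -eq 0 ]; then
        echo "$sshdir: locked"
    fi
    return "$ok"
}

# Usage as a script over a list of home directories, e.g.
#   sh ssh_dir_locked.sh /home/*
# Exit status is 1 if any home fails the check.
if [ $# -gt 0 ]; then
    rc=0
    for h in "$@"; do
        ssh_dir_locked "$h" || rc=1
    done
    exit "$rc"
fi
```

The check only says whether the rename-and-replace trick from the thread is blocked; as the mail notes, it says nothing about a user running their own ssh binary that reads a differently named directory.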