Re: Restricting sftp commands

On Wed, Dec 21, 2005 at 12:23:24PM -0500, Fontanez Martin wrote:
> Not certain if I am missing the point, but the perms in the box should
> restrict what they can actually do.

The trick, of course, is that if they are using sftp, they can change
permissions of files they own, and they can move around in the
filesystem. You have to make the permissions really restrictive to
prevent this, which may be undesireable and/or unworkable.

Chrooting can help, but depending on the configuration and needs of
the site, may not solve the problem entirely.

But switching to scp can make this more workable.

Derek D. Martin
GPG Key ID: 0x81CFE75D

Description: PGP signature

Relevant Pages

  • Re: Sharepoint Security - Help!!!!!
    ... When they did the migration from one server to another it went from Standard ... differnt sharepoint document libraries that we have in our internal company ... permissions as to who could look in them. ... > How can I restrict access and double check that it isn't some other option. ...
  • Re: File permissions when ftp
    ... But yes both users were using sftp in all ... > the same permissions as the original file on the source computer. ... > Regular ftp clients don't usually do this. ... file and still have Apache act normal not giving the 403 error. ...
  • Re: Cant edit text -
    ... I created a new directory as user "bobg" and moved the files to it, then removed the original directory and recreated it as bobg and put the files back in and things work normally. ... I imagine all that really needs to be done is to change the owner, the permissions were ok. ... I don't think sftp has any ...
  • Re: Restricted Shells or Menu Based Shells
    ... > If you remove my permissions to a file I just upload my own file and use ... However, one need not restrict your use of your home directory, other ... owned by the untrusted group, ...
  • Re: Limit user access to server
    ... to the Remote Desktop users group and make sure that group has the user ... >> needs then create your own local group and configure ntfs permissions ... For XP Pro and Windows 2003 Software Restriction ... >> Policies can also be used to restrict what applications a user can ...