Is ssh not safe?
Aaron Gaudio
prothonotar at tarnation.dyndns.org
Sun Jul 25 03:42:39 UTC 2004
Behold, Alexander Dalloz <alexander.dalloz at uni-bielefeld.de> hath decreed:
> Am So, den 25.07.2004 schrieb Brentley um 3:44:
>
> > I've always been fond of the rbash shell... symbolic link bash to
> > rbash, then set their shell to /bin/rbash.... pretty cool.
>
> What should that be? Restricting morons?
>
> I suggest you do it yourself and then when logged in with such an rbash
> shell you enter "bash" and then rethink the sense of such a shell
> setting ;)
Fortunately, restricted mode is a little more intelligent than that. It will
not allow you to specify "/" in command names, and PATH is a read-only
variable. So, properly configured, a restricted bash shell can provide a
little more semblance of security thatn you let on, though it surely is not
a panacea.
>
> Alexander
>
>
> --
> Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
> Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.6-1.435.2.3.ad.umlsmp
> Serendipity 04:24:16 up 2 days, 13:12, load average: 2.92, 1.92, 1.58
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
--
prothonotar at tarnation.dyndns.org
"Every man is a mob, a chain gang of idiots."
- Jonathan Nolan, /Memento Mori/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20040724/9166be83/attachment-0002.bin
More information about the users
mailing list