[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] Limiting Shell Access

Subject: Re: [cobalt-developers] Limiting Shell Access
From: "Paul Rosenthal" <paul.rosenthal@xxxxxxxxxxxxxxxxx>
Date: Tue Dec 18 02:12:04 2001
Organization: Tech Valley
List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>

Re:

Can't do it with SSH or telnet, because neither has it built into the
protocol <frown>.  The reason you can do it with FTP is because the FTP
daemon used by Cobalt has it's own commands (it doesn't rely on the ones
on the system) and applies it's own chroot.

And if you could do it, then everyone's login would have to have their
own copies of the programs they want to run, since linux couldn't find
the "real" ones in a chrooted directory structure.

I've been told it can be done with FreeBSD, and in fact I'm studying
that now, but you can't run FreeBSD on the RaQ (at least not without
completely destroying the gui <wry grin>.

Jeff



Thanks for the info.  I know FTP works because it is a separate program that
enforces the access limitations itself.

I don't fancy changing all the permissions on each directory etc, so will
stick to the policy of ensuring that no sensitive data is stored in areas
that may be accessed.

However, if you do make any progress, please let me know.

Thanks and Regards

Paul Rosenthal

Follow-Ups:
- Re: [cobalt-developers] Limiting Shell Access
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-developers] vnc on raq4
Next by Date: Re: Re: [cobalt-developers] tomcat.policy.custom & permission for external hosts
Previous by thread: Re: [cobalt-developers] Limiting Shell Access
Next by thread: Re: [cobalt-developers] Limiting Shell Access

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index