[PLUG] setting up SSH to chrrot to user homeDir

plug_0 at robinson-west.com
Fri Aug 25 18:58:01 UTC 2006


Quoting "Kenneth G. Stephens" <kens at cad2cam.com>:

> On Fri, 2006-07-21 at 11:08 -0700, Jason Van Cleve wrote:
> > > -----Original Message-----
> > > From: plug-bounces at lists.pdxlinux.org 
> > > [mailto:plug-bounces at lists.pdxlinux.org] On Behalf Of Kenneth 
> > > G. Stephens
> > > Sent: Friday, July 21, 2006 6:58 AM
> > > To: josh at emediatedesigns.com; General Linux/UNIX discussion 
> > > and help;civil and on-topic
> > > Subject: Re: [PLUG] setting up SSH to chrrot to user homeDir
> > > 
> > > Think about it.  ~/.login
> > > /usr/sbin/chroot $HOME
> > 
> > Thinking about it, I guess you'd need some way to keep the user from
> > editing, moving or deleting that file, else they'd be able to disable it
> > and then log in normally.
> > 
> > --Jason
> Sort of reminds me of working for a government contractor at a
> government facility.  They removed the rm function so we could not
> delete files.  We figured out we could delete files anyway with the move
> command.  cp /dev/zero to ~/zero.  cp ~/zero file-to-delete.
> 
> Hehe
> 
> Ken of CAD 2 CAM.

How much damage can you do with a normal account anyways?  If all software is
safe and can't be operated in a malicious manner against the system, or in such
a way that a normal user becomes root, how much risk is there?  One of the
beauties of Linux is that even baseline security allows for the separation of
users.  How much damage can an ordinary user do with rm -rf * from /?  Is
chrooting users to their home directories an attempt to solve a problem that
doesn't exist?  Maybe a better solution is per user permissions on programs
and not allowing any user to install or run a program in his/her home directory
without oversight.  With chroot, you are talking massive overhead and
duplication of software.  I believe SELinux is an attempt to implement finer
grained security that goes beyond user, group, and world permissions on files.

Maybe the overriding concern is that you want users to write to one particular
place on your filesystems and nowhere else.  On an ordinary system, they can't
write to a directory they don't own unless they get permission to somehow. 
There may be ordinary users that are a problem; they set their permissions
wrong.  How about wrapping ftp with ssh and going back to a true ftp session?

Michael C. Robinson
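
Added example, not part of any post in this thread: a check for the
weakness Jason raises, that a login file such as ~/.login only confines a
user if that user cannot edit, move or delete it. The function names, the
sample uid offset and the temporary directory are assumptions made for
illustration; it relies on `stat -c` (GNU or busybox).

```shell
#!/bin/sh
# Added example: can the account with numeric uid $2 edit, replace or delete
# login file $1? Judged from owner and mode bits only.
# Assumptions: `stat -c` is available; ACLs, group membership and directory
# search permission are not resolved, so group-writable counts as writable.

writable_by() {   # writable_by PATH UID -> 0 if UID can write to PATH
    owner=$(stat -c %u "$1") || return 2
    mode=$(stat -c %a "$1") || return 2
    # root bypasses mode bits; an owner can always chmod the write bit back.
    if [ "$2" = 0 ] || [ "$owner" = "$2" ]; then return 0; fi
    [ $(( 0$mode & 022 )) -ne 0 ]
}

tamperable() {    # tamperable FILE UID -> 0 if UID can disable FILE
    [ -e "$1" ] || { echo "no such file: $1" >&2; return 2; }
    dir=$(dirname "$1")
    # 1. Direct edit of the file contents.
    if writable_by "$1" "$2"; then echo "file writable"; return 0; fi
    # 2. Rename or unlink needs write access to the directory, not the file.
    if writable_by "$dir" "$2"; then
        dir_owner=$(stat -c %u "$dir")
        dir_mode=$(stat -c %a "$dir")
        # Sticky bit limits removal to file owner, directory owner or root.
        if [ $(( 0$dir_mode & 01000 )) -eq 0 ] || [ "$dir_owner" = "$2" ] \
           || [ "$2" = 0 ]; then
            echo "directory writable"; return 0
        fi
    fi
    echo "protected"; return 1
}

demo() {
    # Constructed sample: a stand-in home directory with a ~/.login-style file.
    home=$(mktemp -d)
    printf '/usr/sbin/chroot $HOME\n' > "$home/.login"
    chmod 444 "$home/.login"
    other=$(( $(id -u) + 12345 ))      # constructed uid standing in for a user
    printf 'owner of file:         '; tamperable "$home/.login" "$(id -u)" || true
    printf 'other uid, dir 0700:   '; tamperable "$home/.login" "$other" || true
    chmod 777 "$home"
    printf 'other uid, dir 0777:   '; tamperable "$home/.login" "$other" || true
    rm -rf "$home"
}
demo
```

A read-only file in a directory the user owns or can write to still
reports as tamperable, because removal and renaming are governed by the
directory.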

