From owner-freebsd-security Tue Feb 27 20:22:17 2001
Delivered-To: freebsd-security@freebsd.org
Received: from grok.example.net (a0g1355ly34tj.bc.hsia.telus.net [216.232.252.235])
	by hub.freebsd.org (Postfix) with ESMTP id DEC7537B718
	for ; Tue, 27 Feb 2001 20:22:15 -0800 (PST)
	(envelope-from sreid@sea-to-sky.net)
Received: by grok.example.net (Postfix, from userid 1000)
	id 444A8213397; Tue, 27 Feb 2001 20:21:45 -0800 (PST)
Date: Tue, 27 Feb 2001 20:21:45 -0800
From: Steve Reid
To: Brooks Davis
Cc: Rob Simmons , George.Giles@mcmail.vanderbilt.edu, freebsd-security@FreeBSD.ORG
Subject: Re: ftp access
Message-ID: <20010227202145.A31471@grok.bc.hsia.telus.net>
References: <20010227145512.A13920@Odin.AC.HMC.Edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.4i
In-Reply-To: <20010227145512.A13920@Odin.AC.HMC.Edu>; from Brooks Davis on Tue, Feb 27, 2001 at 02:55:12PM -0800
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, Feb 27, 2001 at 02:55:12PM -0800, Brooks Davis wrote:
> If you do this be sure to keep users from being able to access the system
> via ssh. Otherwise they can just use ssh to spawn a shell for themselves:
> ssh -t /bin/sh

Are you certain about this? I tried this on a 4.1.1-R box I operate and it
didn't let me in. The box is set up with the ftp login shell set to
"/nonexistent/ftponly", which is listed in /etc/shells but does not exist.

I suspect sshd is trying to use the login shell to execute the supplied
command, which will fail if the login shell doesn't exist.

Either I'm not doing it right, or other ssh/sshd combinations are
different, or you're wrong about it being possible.
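The two mechanisms the thread is comparing are separate checks: ftpd consults /etc/shells and accepts a login only if the account's shell is listed there, whereas sshd ignores /etc/shells and executes whatever the user asks for through the shell recorded in the passwd database (as `shell -c command`). An account whose shell passes both checks can be turned into an interactive ssh session; an account meant to be ftp-only should pass the first check and fail the second, which is exactly what a listed-but-nonexistent shell such as "/nonexistent/ftponly" does. The audit script below is an added example, not code from anyone in this thread or from FreeBSD; it builds a constructed passwd and shells file in a temporary directory and reports, per account, which of the two checks its shell would pass. All paths, user names and shell names in it are made up for the demonstration.

```shell
#!/bin/sh
# Added audit script (not from the thread). For each account it reports:
#   ftpd=yes  the shell is listed in the shells file, so ftpd would accept the login
#   exec=yes  the shell exists and is executable, so sshd could run it
# Accounts that show both are the ones "ssh -t <host> /bin/sh" would work for.
# Every file path, user and shell below is constructed for this demo.

# make_sample DIR: write a constructed passwd/shells pair under DIR.
make_sample() {
    dir=$1
    mkdir -p "$dir/bin"
    # A stand-in for a real shell: it exists and is executable.
    printf '#!/bin/sh\nexec /bin/sh "$@"\n' > "$dir/bin/sh"
    chmod +x "$dir/bin/sh"
    cat > "$dir/shells" <<EOF
# constructed /etc/shells
$dir/bin/sh
/nonexistent/ftponly
EOF
    cat > "$dir/passwd" <<EOF
root:*:0:0:Charlie Root:/root:$dir/bin/sh
ftp:*:14:5:Anonymous FTP:/var/ftp:/nonexistent/ftponly
alice:*:1001:1001:Meant to be FTP-only:/home/alice:$dir/bin/sh
bob:*:1002:1002:Locked:/home/bob:$dir/bin/nologin
EOF
}

# audit_shells PASSWD SHELLS: print one line per account:
#   USER SHELL ftpd=yes|no exec=yes|no
audit_shells() {
    passwd_file=$1
    shells_file=$2
    # passwd fields: user:pw:uid:gid:gecos:home:shell
    while IFS=: read -r user _ _ _ _ _ shell; do
        case $user in ''|\#*) continue ;; esac
        if grep -qxF -- "$shell" "$shells_file"; then ftp_ok=yes; else ftp_ok=no; fi
        if [ -x "$shell" ]; then sh_ok=yes; else sh_ok=no; fi
        printf '%s %s ftpd=%s exec=%s\n' "$user" "$shell" "$ftp_ok" "$sh_ok"
    done < "$passwd_file"
}

# risky_accounts PASSWD SHELLS: names of accounts that pass both checks,
# i.e. ftpd lets them in and sshd has a working shell to hand them.
risky_accounts() {
    audit_shells "$1" "$2" | awk '$3 == "ftpd=yes" && $4 == "exec=yes" { print $1 }'
}

# Stand-alone demo on the constructed files.
tmp=$(mktemp -d)
make_sample "$tmp"
audit_shells "$tmp/passwd" "$tmp/shells"
printf 'Accounts that ftpd accepts AND sshd can give a shell: %s\n' \
    "$(risky_accounts "$tmp/passwd" "$tmp/shells" | tr '\n' ' ')"
rm -rf "$tmp"
```

On the constructed data, `ftp` shows `ftpd=yes exec=no` (the setup described in the reply above), `bob` fails both checks, and `root` and `alice` pass both; `alice` is the case to look for on a real host, since her shell is a working one even though the account was meant for ftp only. To run it against a live system, call `audit_shells /etc/passwd /etc/shells` instead of the sample files.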