[scponly] scponly 3.1

joe joe at sublimation.org
Thu Sep 12 15:12:25 EDT 2002 

you're right - allowing rsync and other eclectic stuff isnt an acceptable
default.

i am not particularly attracted to the runtime configuration possibility,
however.  I would argue that runtime config was not paranoid enough.  the
support for rsync, cvs, unison, etc - should be a compile time
configuration parameter.  the administrator is going to know well in
advance what programs remote users will need to access - no?

things are rsync, cvs - anything but scp and sftp are by default not
included in the set of allowable binaries scponly will run.  if you are
REALLY paranoid and you prefer sftp-server to scp, you can even disable
scp support (or vice-versa).

thoughts?
joe

----

PGP KEY: http://www.sublimation.org/contact.html
PGP Key fingerprint = EC4B 0DA5 B4F6 BDDD 9176 55D6 3A6A 7D63 158F 22D2


On Thu, 12 Sep 2002, Andrew Chadwick wrote:

> Hello all.
>
> On Wed, Sep 11, 2002 at 02:15:05PM -0400, David N. Blank-Edelman wrote:
> > On Wed, 11 Sep 2002, joe wrote:
> > > 	- rsync support.  i added a configure script option that allows
> > > someone to include "rsync" in the list of acceptable scponly commands.
> > > the default is not to do this.  i will probably add cvs too, as it also
> > > allows a ssh tunnel for transfers.
> >
> > Cool idea. Can I make a request? Can you either make this extensible (i.e
> > so a user can just add to the list of paths that can be called) or barring
> > that also add the same support for a tool called unison?
>
> Hmm - unison, rsync, cvs(!) - that's quite a lot for the paranoid
> sysadmin to worry about.
>
> I'm working on a Debian package of scponly
> (http://swift.piffle.org/~andrewc/debian/, I hope to update the package
> to cover scponly-3.x this afternoon).
>
> Speaking as a packager (and paranoid sysadmin), it would be nicest if
> the program were to, yes, incorporate support for more than just the
> basic sftp-scp-and-ls binaries, but to be forced as root to add explicit
> permissions for certain users to use exotic stuff like rsync or cvs.
>
> It should be root making the decision about who to let do stuff, and
> what. A config file in /etc/scponly or your local equivalent might
> suffice.
>
> --
> Andrew Chadwick
> http://www.piffle.org/
>

More information about the scponly mailing list