[scponly] scponly allows remote commands!
Kaleb Pederson
kpederson at mail.ewu.edu
Fri Jul 15 12:13:56 EDT 2005
Martin,
If you disable scp support and don't add any extra options, I believe all the
commands will be disabled. ls, cp, and some of the others are required for
SCP support to work.
I think the most secure route is to go with only SFTP support.
Hope this helps.
--Kaleb
On Friday 15 July 2005 8:51 am, Martin Spichty wrote:
> hi hideyuki & kaleb,
>
> thanks a lot for your prompt replies, this is fantastic support.
> the command i checked was "ls" which seems to be an allowed command.
> i would like to remove all commands, where do i find them in scponly.c?
> i did not find there a list of allowed commands, like commands[].
>
> thanks again,
> martin
>
> Am Friday 15 July 2005 11:17 am schrieben Sie:
> > Hi,
> >
> > >>> On Fri, 15 Jul 2005 11:05:40 -0400, Martin Spichty
> > >>> <martin.spichty at gmx.ch> said:
> > >
> > > hi all,
> > >
> > > I install scponly on a 64bit FC3 machine. Installation went fine,
> > > but scponly does not work as it is supposed to. It does not allow
> > > ssh-logins - great! - but it allows users to execute commands
> > > remotely, e.g. "ssh myhost command" works. any idea?
> >
> > ^^^^^^^
> > What command is this actually? Is it listed on commands[] in
> > scponly.c?
> >
> > -- rushani
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20050715/4d169994/attachment.bin
More information about the scponly
mailing list