[scponly] Limiting to home directory without chroot?
scponly-7264 at tagged.lorens.org
scponly-7264 at tagged.lorens.org
Fri Sep 30 10:38:11 EDT 2005
I want to set up secure communications for an existing FTP
server. I thought I'd use scponly. The only way to limit a user
to his home directory seems to be by chrooting the user. Is this
correct? Why?
I don't feel like setting up chroot environments for some 10000
users, and the "set up a single chroot and hang all users off
it" won't work for me (home dirs have to be accessible by
others, but not coming through ftp/sftp/scp).
Assuming the scponly server does not have severe
vulnerabilities, isn't it simply a matter of forbidding cd to
directories above the home directory? Am I wrong in thinking
that this is easy, or in thinking that it is not done?
If not possible with scponly, are there other programs that can
provide a simple standard access over a secured channel to a
directory tree? I seem to remember an ssl/tls extension to ftp
that was not the same thing as sftp.
Thanks!
More information about the scponly
mailing list