[scponly] V 4.0 allows ssh ??

Terry Gliedt tpg at umich.edu
Fri Dec 17 08:12:33 EST 2004 

wby oblyr wrote:
> this is a documentation problem.
> 
> in scp compatibility mode, scponly WILL allow certain file navigation functionality relating to file 
> transfers.
> 
> from the source:
> 
> #ifdef ENABLE_SCP2
>     { PROG_LS, 1 },
>     { PROG_CHMOD, 1 },
>     { PROG_CHOWN, 1 },
>     { PROG_CHGRP, 1 },
>     { PROG_MKDIR, 1 },
>     { PROG_RMDIR, 1 },
>     { PROG_SCP, 1 },
>     { PROG_LN, 1 },
>     { PROG_MV, 1 },
>     { PROG_RM, 1 },
>     { PROG_CD, 1 },
> #endif /*ENABLE_SCP2*/
> 
> those uppercase macro definitions are established by ./configure at compile time.
> 
> the reasoning here was to allow sftp-ish functionality via scp.  listing and manipulating files and 
> directories are all within the domain of scponly.
> 
> i WILL correct the documentation so that people will not be surprised by this behaviour in the future.
> 
> i may also make the configuration parameters more granular for this behaviour.  check back in 4.1 

If I may, I'd suggest you also add this as a configure switch (commands 
or not). In my case I want ssh killed, scp only (as in the command). I 
had not expected anything like this since I specified the --disable-sftp 
option. Perhaps a --disable-ssh-completely option?

Thanks for the quick response!

> Terry Gliedt wrote this message on Thu, Dec 16, 2004 at 16:02 -0500:
> 
>>On node 's', I fetched the latest code, compiled like this:
>>
>>  make clean
>>  rm -f config.cache
>>  ./configure --disable-sftp --disable-winscp-compat \
>>        --disable-gftp-compat --enable-rsync-compat
>>  make
>>  make install
>>
>>Added /usr/local/bin/scponly to /etc/shells. Added this user:
>>
>>  usera:x:505:100:Example user:/home/usera:/usr/local/bin/scponly
>>
>>I tried various scp commands to 'usera at s' which behaved as expected. On 
>>another machine I did
>>
>>  ssh usera at s ls -la
>>
>>and got back the results of 'ls'.  I was pretty surprised. What have I 
>>missed?
> 


-- 
=============================================================
Terry Gliedt     tpg at umich.edu       http://www.hps.com/~tpg/
Biostatistics, Univ of Michigan  Personal Email:  tpg at hps.com

More information about the scponly mailing list