[scponly] scponly 4.2 released (IMPORTANT SECURITY FIXES)
Kaleb Pederson
kpederson at mail.ewu.edu
Thu Dec 22 11:14:12 EST 2005
On Thursday 22 December 2005 7:51 am, user wrote:
[snip]
> So ... do I understand correctly - the scponly shell does not support scp
> by default anymore ?
>
> If the default does not support scp and rsync, does that mean 0% of all
> scponly admins will ever install the default ? What would you do with the
> default install ?
I believe the install should always be "secure by default." These changes to
the defaults make that possible. Thus, if somebody turns on a feature, they
should know and understand the ramifications.
As a sysadmin, I purposefully installed scponly with *only* sftp support
because I was worried about security vulnerabilities similar to vulnerability
number two that was reported, even though none were known at the time.
--Kaleb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20051222/7ca457b0/attachment.bin
More information about the scponly
mailing list