[Gllug] Limiting SSH access
Mark Lowes
hamster at korenwolf.net
Thu Apr 3 11:13:09 UTC 2003
On Thu, 2003-04-03 at 12:01, Richard W.M. Jones wrote:
> On Thu, Apr 03, 2003 at 09:39:17AM +0100, Mark Lowes wrote:
> > The only thing I can think of is that you put all those users into a
> > group which cannot run any programs other than those you have explicitly
> > specified.
>
> This doesn't work because it's possible to upload pre-built
> binary files, even if you've denied scp access.
True, once you allow shell all bets are pretty much off. Oh well go
with my other option, split it off into it's own secure network,
physical layer security :)
--
Mark Lowes <hamster at korenwolf.net>
http://www.korenwolf.net/
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list