[Nottingham] What restricted shell for ftp? What idiot-user GUI client?

[Roger Light]

On 02/02/07, Martin <martin at ml1.co.uk> wrote:

> I'm already using proftp with chroot-ing for the users concerned, but
> any other lock-down possible?

Preventing chmod is the usual other restriction I see. You want to
check the list of ftp commands available and limit any you aren't
happy with.

If you're really serious, then add the grsecurity patch to your kernel
and make use of the filesystem protections for chroots:

Deny mounts, double-chroots, pivot_root in chroot, enforce chdir("/"),
deny chmod +s, ...

You could also enable trusted path execution (again, in grsec) which
prevents users either in the untrusted group or else not in the
trusted group from executing any files that are not in root-owned
directories writable only by root. Combined with denied chmods, this
means you can enforce pretty well what your users can execute.

I like grsec.

> Also: What's people's favourite cross-platform GUI *sftp* client? (That
> is idiot user proof?)
>
> Ideal is something that just simply takes a sftp://user@some.web.address
> and then just asks for the password, then offering drag'n'drop for the
> files. For example, Filezilla is just far too scary for most users!

Hmm, I was all ready to offer filezilla there. Is it really that
scary? Most of the other (windows) ftp clients I've seen have been
much nastier. I think you might struggle with this one!

Cheers,

Roger