|
|
Secure Shell
Chroot: sshd bug ? user redirects to root folder. Feb 27 2011 04:21PM Riccardo Castellani (ric castellani alice it) (2 replies) Re: Chroot: sshd bug ? user redirects to root folder. Feb 27 2011 05:45PM Dennis Nasarov (nasarov gmail com) (1 replies) Re: Chroot: sshd bug ? user redirects to root folder. Feb 27 2011 06:58PM Riccardo Castellani (ric castellani alice it) |
|
Privacy Statement |
access to root folder of chrooted environment and it doesn't let the
user go out of the chrooted directory,right?
It's like a normal user have access to root folder on a system.
+Raja
On 2/27/2011 9:51 PM, Riccardo Castellani wrote:
> I installed openssh-5.6p1 into my Fedora server and I run this service
> into chroot mode.
> I think to have found out a BUG into this package, specifically into
> sshd service:
>
> if remote user tries to connect to this service, where its home
> directory is unaccessible because it doesn't respect right permissions
> (execution permission of owner is missed or home directory is
> missing), he comes automatically into root folder of chroot.
> I think sshd should have to deny this login or at least sshd_config
> should have to contain the option to set this specifc behaviour; for
> example into Fedora distributions, there is "DEFAULT_HOME" option in
> /etc/login.defs file to permit this behaviour.
> Yes it's true, I can restrict access to specific users or use PAM
> module, but for security reasons I need to make sure myself to
> restrict access ONLY to home folder of user.
> I also could use PAM modules, but it's only available pam_mkhomedir.so
> which creates home folder if this one is not existing; I need
> pam_homecheck.so but it's available only as package for OpenSuse.
> Suggestions ?
>
[ reply ]