IETF-SSH archive


Re: Publickey subsystem draft posted



(a side note - Brent has sent me the XML source, which I'm currently updating to match my earlier mail)

Nicolas Williams wrote:

> I think "from" should be added also (i.e., what source addresses a
> client may use this key from).

Sounds like a good idea.

> Yeah, all restrictions should be standalone attributes.  Those

I've now converted them all to be.

> restrictions which you modeled as values of the "restrict" attributes
> could be standalone attributes with boolean values (or null; if the
> attribute is present, the restriction is on, if not, not).

I've defined them as being null.

> The "subsystem" restriction should go and be replaced by the subsystem
> attribute which should list the sub-systems that a user is allowed to
> start (if the list empty, then none are allowed; if the attribute is
> missing or if the value is "*", then all are allowed).

This doesn't match the "command" attribute, which starts the command itself. Then again, I'm unhappy with that aspect of the "command" attribute's behaviour - it raises questions such as When does it start the command?, Does it wait for the client to request a pty or run the command without one?, etc. Maybe change "command" to specify a command which the user's allowed to execute. Ideally, change it to specify more than one command, but in that case, I'm not sure what could be used as a separator. Maybe allow for more than one command attribute to be set?

--
Jon Bright
Lead Programmer, Silicon Circus Ltd.
http://www.siliconcircus.com



