Re: Session channel extension to specify home directory?

To: Darren Tucker <dtucker%zip.com.au@localhost>
Subject: Re: Session channel extension to specify home directory?
From: Joseph Galbraith <galb-list%vandyke.com@localhost>
Date: Wed, 16 Feb 2005 15:45:13 -0700

Darren Tucker wrote:

Joseph Galbraith wrote:

We just had a user request us to start a shell session
for them in an arbitrary directory.


[...]

Are there security implications?  Is it a bad idea?

Well, for one thing it would let users with restricted shells changedirectories.


Argh... and the server has no way of knowing that x is a restricted
shell and disallowing the command does it?

What value does it give beyond "(cd /some/path && some command)" ?


It works with a NT server.  This might be able to be worked
around by sending cd /some/path\n as artifical user input
before giving control to the user.

But... it works with a VMS server (cd is written
set default disk:[some.path])

But regardless, I don't think it is likely to get many supporters
given the issue with restricted shells.

Thanks,

Joseph

References:
- Session channel extension to specify home directory?
  - From: Joseph Galbraith
- Re: Session channel extension to specify home directory?
  - From: Darren Tucker

Prev by Date: Re: Session channel extension to specify home directory?
Next by Date: Re: Session channel extension to specify home directory?
Previous by Thread: Re: Session channel extension to specify home directory?
Next by Thread: Re: Session channel extension to specify home directory?
Indexes:

Home | Main Index | Thread Index | Old Index