Re: [Duplicity-talk] Secure setup

duplicity-talk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] Secure setup

From:	Johnix
Subject:	Re: [Duplicity-talk] Secure setup
Date:	Sun, 19 Dec 2004 14:36:59 +0100
User-agent:	Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

Mathias de Riese <address@hidden> writes:

C> Thomas Tempé (Johnix) wrote:
>
>>Should I set up a chrooted sshd on a non-standard port, with a
>>different /etc/passwd?
>>
>>Should I create an account and mess with Pam so that the given user
>>cannot do anything else than use SCP?
>>
>>
> I did something similar, but not with PAM: I set up a user with a special
> script as shell. 

Not something I'd trust.

There are ways to gain a user's privileges without running his shell,
eg by using his mailbox, or an FTP account, or a web or Samba server
with $HOME access, or God knows what else.

Have fun,
-- 
Thomas Tempé
http://www.alysse.org/tom

pgpvtONvU1vv0.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Duplicity-talk] Secure setup, Johnix, 2004/12/15
- Re: [Duplicity-talk] Secure setup, Mathias de Riese, 2004/12/16
  - Re: [Duplicity-talk] Secure setup, Johnix <=

Prev by Date: Re: [Duplicity-talk] Secure setup
Previous by thread: Re: [Duplicity-talk] Secure setup
Index(es):
- Date
- Thread