gnu-arch-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] RFC: arch protocol, smart server, and tla implement

From: Jan Hudec
Subject: Re: [Gnu-arch-users] RFC: arch protocol, smart server, and tla implementation prototypes
Date: Sat, 31 Jan 2004 13:57:47 +0100
User-agent: Mutt/1.5.5.1+cvs20040105i 
On Sat, Jan 31, 2004 at 14:44:35 +0200, Momchil Velikov wrote:
> >>>>> "Jan" == Jan Hudec <address@hidden> writes:
> 
> Jan> On Fri, Jan 30, 2004 at 18:09:16 -0500, Colin Walters wrote:
> >> On Fri, 2004-01-30 at 17:45, Scott Parish wrote:
> >> If you don't want to give them shell accounts, you could just set their
> >> shell to a tiny C program which cleans the environment and runs "archd
> >> --client".
> 
> Jan> It does not even need to do that -- sshd's environment is quite clean
> Jan> and there will be no shell to pollute it (the command it execed directly
> Jan> by sshd).
> 
>   Here's what the login shell looks like for my remove cvs+ssh
> clients.

Which is not about cleaning an environment, but about doing a chroot...
Personaly, I would simply set the shell to
chroot /home/jdev /usr/bin/cvs server

> #include <unistd.h>
> 
> #define JAIL "/home/jdev"
> 
> int 
> main ()
> {
>   umask (002);
>   if (chdir (JAIL) == 0 && chroot (JAIL) == 0 && chdir ("/") == 0)
>     { 
>       setuid (getuid ());
>       execl ("/usr/bin/cvs", "cvs", "server", 0);
>     }
> 
>   return 0;
> }
> 
-------------------------------------------------------------------------------
                                                 Jan 'Bulb' Hudec 
<address@hidden>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]