[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: CVS security question
From: |
Rick Genter |
Subject: |
RE: CVS security question |
Date: |
Tue, 3 Feb 2004 12:32:42 -0800 |
It's probably more secure to set their shell to something that does exist but
won't function as a shell, like /dev/null or /bin/false. That way you don't
leave a hole where someone could create the non-existent program that the user
points to and voila - instant access.
--
Rick Genter
Sr. Software Engineer
Silverlink Communications
<mailto:address@hidden>
(781) 272-3080 x242
This e-mail, including attachments, may include confidential and/or proprietary
information, and may only be used by the person or entity to which it is
addressed. If the reader of this e-mail is not the intended recipient or his
or her authorized agent, the reader is hereby notified that any dissemination,
distribution or copying of this e-mail is prohibited. If you have received
this e-mail in error, please notify the sender by replying to this message and
delete this e-mail immediately.
-----Original Message-----
From: address@hidden
[mailto:address@hidden Behalf Of
Mark Jaffe
Sent: Tuesday, February 03, 2004 3:26 PM
To: address@hidden
Subject: RE: CVS security question
You can prevent a user from logging in by setting the shell variable in the
/etc/password file to a nonexistent shell. This will allow authorization, but
not allow login.
-----Original Message-----
> From: address@hidden
> [mailto:address@hidden Behalf
> Of Pankaj Garg
> Sent: Tuesday, February 03, 2004 10:59 AM
> To: address@hidden
> Subject: CVS security question
>
> To use SSH i
> need to make shell accounts for those two users. Now because
> these two users
> have shell account and have write access to my repository, they can
> essentially login in my CVS server box and do an rm -fR on my whole
> repository. Is there a way to prevent this?
=========================================
Mark Jaffe | (408) 972-9638 (home)
Chief Wizard | (408) 807-2093 (cell)
Computer Wizards | (425) 795-6421 (FAX)
_______________________________________________
Info-cvs mailing list
address@hidden
http://mail.gnu.org/mailman/listinfo/info-cvs
- CVS security question, Pankaj Garg, 2004/02/03
- RE: CVS security question, Jim.Hyslop, 2004/02/03
- RE: CVS security question, Matthew . Riechers, 2004/02/03
- RE: CVS security question, Mark Jaffe, 2004/02/03
- RE: CVS security question,
Rick Genter <=
- Re: CVS security question, Pankaj Garg, 2004/02/03
- RE: CVS security question, Patton, Matthew E., CTR, OSD-PA&E, 2004/02/03