[plug] debian etch + vsftpd does not chroot jail users
mccabedj
mccabedj at ucc.asn.au
Thu Apr 17 19:16:49 WST 2008
Richard Meyer wrote:
> To prove whether this is correct, bring down the ftp daemon and connect
> from windows again - if you can, my supposition is right, and you'll
> have to use some other way to jail the client.
>> User "badboy" has entry in /etc/passwd like so...
>> badboy:x:1002:1002:Bad Boy,,,:/home/badboy/./:/bin/bash
I imagine that you could replace /bin/bash with something like
pola-run -B --prog=/bin/bash -fw=/home/badboy
after having installed plash from
http://plash.beasts.org
This would also mean that badboy couldn't escape the jail by doing a
plain ssh.
--
John C. McCabe-Dansted
PhD Student, University of Western Australia
More information about the plug
mailing list