[plug] debian etch + vsftpd does not chroot jail users
Denis Brown
dsbrown at cyllene.uwa.edu.au
Fri Apr 18 09:10:28 WST 2008
At 07:16 PM 17/04/2008, mccabedj wrote:
>Richard Meyer wrote:
>>To prove whether this is correct, bring down the ftp daemon and connect
>>from windows again - if you can, my supposition is right, and you'll
>>have to use some other way to jail the client.
>
>>>User "badboy" has entry in /etc/passwd like so...
>>>badboy:x:1002:1002:Bad Boy,,,:/home/badboy/./:/bin/bash
>
>I imagine that you could replace /bin/bash with something like
> pola-run -B --prog=/bin/bash -fw=/home/badboy
>after having installed plash from
>http://plash.beasts.org
>
>This would also mean that badboy couldn't escape the jail by doing a plain
>ssh.
Hmmm... sweet :-)
This has distinct possibilities - thanks for the lead. As a side issue
however I would still like to get vsftpd working as advertised, even if
purely to advance my knowledge of their config.
Meantime a plash download is on today's to-do list.
Thanks,
Denis
More information about the plug
mailing list