Safe shell access for untrusted third-party?
I have a physical drive mounted as a folder in Linux. I'd like to give an untrusted third party access via SSH to screw around as he pleases only on that drive using a handful of standard command-line utilities like rsync, emacs, pdftk, etc.
Is there any way to do this that doesn't have any known security problems?
That's nearly impossible, because he will need many files outside his jail. Applications, utilities and libraries for starters. There are three known ways, all with drawbacks. This howto describes the first two.
1) Patch your OpenSSH server and compile it yourself. Downside: You need to patch and you can't rely on the package manager for updates.
2) The make_chroot_jail.sh script. Downside: Size, because you need copies of all the tools and libraries you want to allow someone to use and you need to manually update these copies. There's also one security issue: If someone knows the password for a regular user that is inside an SSH jail and a regular user that is not inside an SSH jail, they can gain root access.
3) Use OpenSSH 5 or better. It has built-in support for jails. Downside: It works for sftp only. No shell access.
Personally, I don't bother. I've used the make_chroot_jail.sh script before but it's cumbersome. It's not worth the trouble. Just create regular users and make sure that you've set your permissions right. Possibly use ACL if you need to wall off certain parts of your server. What's the worst they can do? Read your /etc directory and have a look at configuration files? Read /proc and see how fast your processor is?
If there's something with your server that you can't give regular ssh access to a user then you need to fix your server because it's a security issue.
Sander Marechal
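One way to check the "set your permissions right" advice in the answer above, as an added example that is not part of the original post: this Python audit walks a tree and reports what an account that is neither owner nor group member could write to or read. The `SENSITIVE` patterns, the function names and the sample tree are assumptions constructed for illustration.

```python
import fnmatch
import os
import stat
import tempfile

SENSITIVE = ("*.key", "*.pem", "id_rsa", "shadow", ".htpasswd")  # assumed patterns

def audit_other_access(root):
    """List what an account that is neither owner nor group member can abuse under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        reachable = []
        for name in dirnames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # os.walk does not follow symlinks; skip them here too
            if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
                findings.append((os.path.relpath(path, root), "world-writable dir without sticky bit"))
            if mode & stat.S_IXOTH:
                reachable.append(name)  # without o+x the guest cannot enter, so prune
        dirnames[:] = reachable
        for name in filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISREG(mode):
                continue
            rel = os.path.relpath(path, root)
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable file"))
            if mode & stat.S_IROTH and any(fnmatch.fnmatch(name, p) for p in SENSITIVE):
                findings.append((rel, "sensitive file readable by others"))
    return sorted(findings)

def demo():  # builds a constructed sample tree in a temp dir and audits it
    layout = {"shared": 0o777, "tmp": 0o1777, "etc": 0o755, "private": 0o700}
    files = {"shared/notes.txt": 0o644, "tmp/scratch": 0o666, "etc/server.key": 0o644,
             "etc/app.conf": 0o644, "private/backup.pem": 0o666}
    with tempfile.TemporaryDirectory() as root:
        for d in layout:
            os.mkdir(os.path.join(root, d))
        for f, mode in files.items():
            open(os.path.join(root, f), "w").close()
            os.chmod(os.path.join(root, f), mode)
        for d, mode in layout.items():
            os.chmod(os.path.join(root, d), mode)
        return audit_other_access(root)

if __name__ == "__main__":
    print("\n".join(f"{issue}: {path}" for path, issue in demo()))
```

The mode-0700 `private` directory is pruned, so the world-writable file inside it is not reported: the guest account cannot reach it.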