Re: on potato's proftpd

2002-03-30 Thread martin f krafft
also sprach Ivo Timmermans <[EMAIL PROTECTED]> [2002.03.30.0845 +0100]: > > okay, but noone knows about it. why isn't it on security.debian.org > > yet??? > > Beats me... i don't get it. will someone please push this package ivo made as an NMU into security.debian.org ASAP? i'd do it myself, but

scp and sftp

2002-03-30 Thread Jon McCain
I've been playing around with the scp and sftp components of putty and noticed what I consider a security hole. Winscp does the same thing. The user can change to directories above their home. Is there a way to chroot them like you can in an ftp config file? I don't see anything in the sshd co

Re: scp and sftp

2002-03-30 Thread Junichi Uekawa
Jon McCain <[EMAIL PROTECTED]> cum veritate scripsit: > I've been playing around with the scp and sftp components of putty and > noticed what I consider a security hole. Winscp does the same thing. > The user can change to directories above their home. Is there a way to > chroot them like you

Re: scp and sftp

2002-03-30 Thread Alvin Oga
hi ya i'd do it with automounter w/ ssh ??? mount remote:/home/httpd/html /mnt/html scp /home/user/new_site.html /mnt/html sync umount /mnt/html mount is not needed if it is configured to auotmount and does NOT need shell account on the remote web server you also cannot cd / on the remote

Re: on potato's proftpd

2002-03-30 Thread Ivo Timmermans
martin f krafft wrote: > also sprach Noah Meyerhans <[EMAIL PROTECTED]> [2002.03.29.2332 +0100]: > > Such a package has existed at http://people.debian.org/~ivo/ for over a > > year. > > okay, but noone knows about it. why isn't it on security.debian.org > yet??? Beats me... Ivo -- He

Re: on potato's proftpd

2002-03-30 Thread martin f krafft
also sprach Ivo Timmermans <[EMAIL PROTECTED]> [2002.03.30.0845 +0100]: > > okay, but noone knows about it. why isn't it on security.debian.org > > yet??? > > Beats me... i don't get it. will someone please push this package ivo made as an NMU into security.debian.org ASAP? i'd do it myself, but

scp and sftp

2002-03-30 Thread Jon McCain
I've been playing around with the scp and sftp components of putty and noticed what I consider a security hole. Winscp does the same thing. The user can change to directories above their home. Is there a way to chroot them like you can in an ftp config file? I don't see anything in the sshd con

Re: scp and sftp

2002-03-30 Thread Junichi Uekawa
Jon McCain <[EMAIL PROTECTED]> cum veritate scripsit: > I've been playing around with the scp and sftp components of putty and > noticed what I consider a security hole. Winscp does the same thing. > The user can change to directories above their home. Is there a way to > chroot them like you c

Re: scp and sftp

2002-03-30 Thread Alvin Oga
hi ya i'd do it with automounter w/ ssh ??? mount remote:/home/httpd/html /mnt/html scp /home/user/new_site.html /mnt/html sync umount /mnt/html mount is not needed if it is configured to auotmount and does NOT need shell account on the remote web server you also cannot cd / on the remote