[geeks] hidden files and sftp
Shannon Hendrix
shannon at widomaker.com
Mon Feb 11 20:16:07 CST 2008
On Feb 11, 2008, at 2:27 PM, velociraptor wrote:
> On Feb 6, 2008 1:16 PM, der Mouse <mouse at rodents.montreal.qc.ca>
> wrote:
>>> Unfortunately, this is an openssh based system, and unless I've
>>> missed something it seems there is no option to control what someone
>>> sees with sftp.
>>
>> Well, you've got the source; it can't be all that hard to drop in
>> code
>> just before going to the filesystem that checks for a dotfile and
>> pretends the file doesn't exist if so.
>
> Another tactic would be a restricted shell and putting the limited
> users into directories with no dot files. This was something we
> looked at back at one of my $gov_agency jobs to give vendors the
> ability to push files to our dev servers using a secure protocol as
> ftp was a no-no. We never implemented it, though.
>
> I can't remember the name of the restricted shell off the top of my
> head, though, and my notes aren't with me. You should be able to
> exercise google-fu to find it.
The problem is that the system is wrapped up in a custom shell system
and it uses the standard UNIX tools in the background, which means
they use /etc/skel.
If I had infinite time, I could do things like that, but ideally I
would leave the account management alone since it currently works and
I don't want top have to fix it.
I might just change how we build user directories somehow, or fiddle
with how /etc/skel
is used for each account type.
--
Shannon Hendrix
shannon at widomaker.com
More information about the geeks
mailing list