Displaying 3 results from an estimated 3 matches for "rmksh".
Did you mean:
mksh
2020 Aug 03
2
Deprecation of scp protocol and improving sftp client
On Tue, 4 Aug 2020, raf wrote:
> In such cases, this vulnerability can be mitigated by
> the use of an ssh-specific command whitelisting control
> such as:
Probably just as easy: give the user a restricted shell
(/bin/rmksh) as shell and set their PATH etc. suitably,
to not include any other commands.
bye,
//mirabilos
PS: Full disclosure: I?m the mksh developer
--
?MyISAM tables -will- get corrupted eventually. This is a fact of life. ?
?mysql is about as much database as ms access? ? ?MSSQL at least descends
from a...
2020 Aug 05
4
Deprecation of scp protocol and improving sftp client
...t; On Tue, 4 Aug 2020, raf wrote:
> >
> > > In such cases, this vulnerability can be mitigated by
> > > the use of an ssh-specific command whitelisting control
> > > such as:
> >
> > Probably just as easy: give the user a restricted shell
> > (/bin/rmksh) as shell and set their PATH etc. suitably,
> > to not include any other commands.
> >
> > bye,
> > //mirabilos
> > PS: Full disclosure: I?m the mksh developer
>
> I've thought of a valid use for this kind of behaviour
> that someone might actually be rely...
2020 Aug 03
6
Deprecation of scp protocol and improving sftp client
I hear you - but it seems that the choice is between (a) limiting "scp" functionality to address the security vulnerability, and (b) killing "scp" altogether.
I'd much prefer (a), even if it means I lose "scp remotehost:foo\* .".
Especially, since (almost always) I have equal privileges on both local and remote hosts, so in that case I just originate that