[Bug 171987] Review Request: scponly
Paul Wouters
paul at cypherpunks.ca
Tue Nov 1 02:28:03 UTC 2005
On Mon, 31 Oct 2005, bugzilla at redhat.com wrote:
> ------- Additional Comments From wtogami at redhat.com 2005-10-31 15:45 EST -------
> It is not easy to create a chroot jail and (the more difficult part) to keep it
> updated. scponly without the chroot itself is pretty useful so I want to push
> this into Extras now. If you can think of a good solution to creating and
> updating chroots, please propose solutions on fedora-extras-list and we can fold
> it into a future package if accepted.
I'll think about the jail solution.
Regarding the chroot or not. As an ISP, I am first initerested in the security of
my system, and secondly interested in the security of the individual users. As an
ISP offering ftp, I have a chroot ftp daemon available, so it limits ftp users to
their own home directory. I would never give up the chroot to give the enduser
encryption and privacy on his password and data at the expense of the user being
able to have read access to my entire machine. As such, I don't think anyone
will use scponly if it does not have a chroot feature.
Paul
--
"Happiness is never grand"
--- Mustapha Mond, World Controller (Brave New World)
More information about the fedora-extras-list
mailing list