Winscp

From: Grant Lowe (glowe@sbcglobal.net)
Date: Tue Mar 15 2005 - 16:53:45 EST

• Next message: egold@fsa.com: "ksh: How to tell when a job run in the background has completed?"
• Previous message: Daryl.Mitchell@us.o-i.com: "Fibre channel HBA errs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi gurus.
 
We've got a chroot'ed jail for FTP. Users can ftp into the FTP home directory just fine and can't change out of the chroot'ed directory. However, using Winscp, user's can not only login, but also change to the parent directory of the chroot'ed file system. This is on a Solaris 8, E200R. In /etc/shells, we have these:
 
/etc/ftponly
/usr/local/bin/scponly

The /etc/ftponly is simply a shell script, while the /usr/local/bin/scponly file is the scponly binary. I changed parent directory permissions to 500, that didn't work. I changed it to /etc/ftponly, and then logged in and could not cd to the parent directory. I thought the entry in /etc/passwd was incorrect. The line is:
user:x:169:99::/localhome/ftp/./user/:/usr/local/bin/scponly
 
How can I change this so that the Winscp can't cd out of the chroot'ed directory? Any help is appreciated and will summarize.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: egold@fsa.com: "ksh: How to tell when a job run in the background has completed?"
• Previous message: Daryl.Mitchell@us.o-i.com: "Fibre channel HBA errs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:30:21 EDT