Hosting Provided By

Re: AW: sftponly

From: Ben Lindstrom <mouring(at)etoh.eviladmin.org>
Date: Tue Jun 24 2003 - 12:20:38 EDT

On Tue, 24 Jun 2003 Michael.Eisele@t-systems.com wrote:

> Why isn't it possible to use an mechanism like it is provided with the

Please tell me you truly don't believe that.. Yes it is still possible for them to break out. Another glob() bug, libc attack, kernel bug, or any buffer overflow by bad coding pratice in the application will still let the attacker have a keyhole access.

Just because you don't use the master /etc/passwd does not mean much. This just gives you the ability to have to have a 'jjohns@' login for each vhost.

Received on Tue Jun 24 16:20:59 2003

This message: [ Message body ]
Next message: servie platon: "DSA VS RSA"
Previous message: Brian Hatch: "Re: trying to use keys...been asked a bunch, didn't find many solutio ns"
In reply to Michael.Eisele(at)t-systems.com: "AW: sftponly"
Next in thread: Atro Tossavainen: "Re: sftponly"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:00 EDT