Date: 24 Oct 2004 17:06:28 +0200
From: SecuriTeam <[email protected]>
To: [email protected]Subject: [TOOL] Rssh - Restricted Shell for OpenSSH
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Rssh - Restricted Shell for OpenSSH
------------------------------------------------------------------------
SUMMARY
DETAILS
<http://www.pizzashack.org/rssh/>; rssh is a restricted shell for use with
<http://www.openssh.com/>; OpenSSH, allowing only scp and/or sftp. For
example, if you have a server which you only want to allow users to copy
files off of via scp, without providing shell access, you can use rssh to
do that.
Though rssh is written to work with OpenSSH, it will probably work with
other implementations of SSH. Also, rssh is written and tested on Linux
systems, but should compile cleanly and work on any POSIX.2-compliant
system. It is verified to work on the following platforms:
* A wide variety of Linux distributions, on IA32 and IA64 hardware
* Compaq Tru64 Unix
* Solaris 2.x - 8 (under certain conditions -- see the security link)
* AIX 5.1
* HP/UX 11.00 (PA-RISC)
* HP/UX 11.22 (IA64)
* Irix 6.5
Currently, it does not work on (at least most of) the *BSDs, nor on OS X.
They lack the wordexp() function, which rssh uses for command line
argument expansion. Until they have such a function (which is defined by
POSIX.2), rssh will not work with the BSDs out of the box.
Download Information:
To obtain the tool see the
<http://www.pizzashack.org/rssh/downloads.shtml>; Download page.
ADDITIONAL INFORMATION
To keep updated with the tool visit the project's homepage at:
<http://www.pizzashack.org/rssh/>; http://www.pizzashack.org/rssh/
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: [email protected]
In order to subscribe to the mailing list, simply forward this email to: [email protected]
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
