SUMMARY: telnet similar to anon ftp?

From: Rich Snyder (rsnyder@eos.hitc.com)
Date: Thu Mar 13 1997 - 13:09:42 CST


Original post:

> Hi managers!
>
> I've run into a situation several times where I want to allow people to
> telnet into a system, but restrict them to a portion of a directory tree
> similar to anonymous ftp. Usually this comes up when a client wants to
> have telnet access to their web directory on a shared server and a
> restricted shell doesn't cut it since you can still cat /etc/passwd and
> can't change directories (web site can't have a hierarchy). I am
assuming
> this isn't easy to do since most ISPs only allow ftp access to document
> directories.
>
> I checked the archives (www.dataman.nl/cgi-bin/sunmanagers) and couldn't
> find anything. Any suggestions / advice would be appreciated. I will
> summarize.
>
> Thanks,
>
> Rich Snyder
>
>

The general response was that there is no easy way to do this. Which is
actually good news since that's what I've been telling people. The
suggestion is to setup a directory similar to the instructions in "man
ftpd", copy or link to the utilities that you will need (perl, vi, etc.)
and then hack the user's shell to use chroot. It was suggested that since
several shells are available in source code, I could add the chroot() call
without too much effort. I think I'll leave this as an exercise for extra
credit until demand becomes overwhelming.

Thanks to all that responded!:

Pierre Padovani
Karl Vogel
Benjamin R. Cline
Stephen Harris
David Fetrow
Scott McGee
Robin Marquis
Kevin P. Inscoe

========================================
Rich Snyder
rsnyder@eos.hitc.com
Hughes Information Technology Systems
(301) 883-4046
========================================



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:48 CDT