[clue-admin] User setup for "member" accounts

skipworthy skipworthy at realivetech.com
Tue Dec 28 21:37:53 MST 2004 

Guys-

- I'd be happy to do some pen testing for you- I'm not an expert by any 
means, but I have the tools and some experience to point out holes
- What about putting user accounts in chroot ? I'm sure you've also 
considered something like user private groups and so on...

G



Collins Richey wrote:

>On Tue, 28 Dec 2004 21:43:30 -0700, Jeff Cann <j.cann at isuma.org> wrote:
>  
>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>On Tuesday 28 December 2004 9:32 pm, Collins Richey wrote:
>>    
>>
>>>As Jed mentioned, however, this isn't a perfectly secure environment.
>>>Users can create scripts that run bash to do things outside their home
>>>environment. They can't run ./xxx, but they can run bash xxx to do
>>>some unrestricted things, i.e. stuff any normal user could do.
>>>      
>>>
>>I'm wondering what other options there are besides restricted shell?
>>
>>I asked Lynn about it and he seemed determined to make it work.  In my
>>experience with other ISPs, the offered ssh access to what appeared to be a
>>'normal' shell account - ie., I could run stuff, create directories, etc.
>>However, due to UNIX permissions, I was unable to leave my directory.
>>
>>My point:  was I using a normal bash account or some other type of restricted
>>shell.  Perhaps these ISPs figured that I wouldn't abuse the servers (since
>>I'm paying for access).
>>    
>>
>
>I think you were using a normal shell account. Restricted accounts
>can't even issue cd. Obviously, they had other directory level
>restrictions and/or they provided a front end for some of the
>commands.
>
>  
>
>>I don't care how you guys decide to set up the member accounts, just curious
>>more than anything.
>>
>>    
>>
>
>My impression at this point is that the restricted shell setup can
>work, but according to the link Jed posted, there are some gotchas. I
>would recommend that we think this over a little more carefully, or
>the result may not be overly secure. Who in our group is the best
>security guru? It would be nice to have a fairly rigid setup in place
>before we fire this off to the users. The information from Debian
>provides a couple of suggestions for locking things down, but I for
>one would like to understand the security implications before
>proceeding. One rootkit is enough fun for a while. Perhaps we could
>get someone to try to crack the site after we've done the setup for a
>handful of users?
>
>  
>

More information about the clue-admin mailing list