On Tue, May 8, 2012 at 2:14 PM, Derek Martin <[email protected]> wrote:
> [Resent to correct recpients; moderators, please approve THIS
> message.]
>
> rssh is a shell for restricting SSH access to a machine to only scp,
> sftp, or a small set of similar applications.
>
> http://www.pizzashack.org/rssh/
>
> Henrik Erkkonen has discovered that, through clever manipulation of
> environment variables on the ssh command line, it is possible to
> circumvent rssh. As far as I can tell, there is no way to effect a
> root compromise, except of course if the root account is the one
> you're attempting to protect with rssh...
>
That..... is a big, big problem. I've occasionally used it for root access
for backup operations and remote init script management or various "trap"
events from bug reporting.
> This project is old, and I have no interest in continuing to maintain
> it. I looked for easy solutions to the problem, but in discussing
> them with Henrik, none which we found satisfactorily address the
> problem. Fixing this properly will require more work than I want to
> put into it.
>
> Note in particular that ensuring that the AcceptEnv sshd configuration
> option need not be turned on for this exploit to work.
>
Is it still a problem with OpenSSH version 6, which was recently published?
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
rssh-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/rssh-discuss
