Re: Forbidden commands
Brought to you by:
xystrus
Menu
▾
▴
Re: Forbidden commands
|
From: Russ A. <ea...@ey...> - 2019-11-22 17:23:37
|
Russ Allbery <ea...@ey...> writes: > You unfortunately can't. I couldn't convince myself that --daemon was > safe in the rssh security model. I should also add: If you're only using --daemon, consider whether the arguments to rsync vary with each invocation. I suspect that they don't, in which case you could use SSH's force-command option for authorized_keys rather than rssh. This doesn't give you the chroot inherently, but you could write a tiny helper that does the chroot, or use user namespaces to achieve an equivalent end. -- Russ Allbery (ea...@ey...) <https://www.eyrie.org/~eagle/> |
