[ALUG] sshd configuration problem

Chris G cl at isbd.net
Tue Dec 16 12:58:09 GMT 2008 

On Tue, Dec 16, 2008 at 10:10:32AM +0000, Brett Parker wrote:
> On 16 Dec 09:55, Chris G wrote:
> > On Tue, Dec 16, 2008 at 09:25:43AM +0000, Brett Parker wrote:
> > > On 15 Dec 23:32, Dan Hatton wrote:
> > > > On Mon, 15 Dec 2008, Chris G wrote:
> > > > 
> > > > > As I said I hardly matters as the command that needs to work is a
> > > > > backup command so anyone who can run the command can do just about
> > > > > anything they want - copy files, delete files, overwrite files, etc.
> > > > 
> > > > According to its manpage, super has the capability to restrict what
> > > > arguments are given to a command as well as the command itself.  I'm
> > > > guessing sudo has similar functionality available, right?
> > > 
> > > Yes, indeed it does, but it becomes "interesting" to get the recipe
> > > right. The fact that the command option in ssh's authorized_keys is well
> > > documented, and there are many examples that show how to "safely" set up
> > > dirvish via it, not least of all:
> > >     http://www.uno-code.com/?q=node/10
> > > 
> > > Now, as that limits the command to only what it trusts, i.e. only what
> > > is on the other machine in the authprogs.conf file... and stops
> > > *anything* else from running, i.e. there is no copy, delete or overwrite
> > > files... (also, sudo or super for firing off a rsync session is going to
> > > be a lot more complicated than just firing off the rsync session ;)
> > > 
> > How do you back up files without copying them?  :-)
> 
> Well, I suspect that it depends on your definition of copy... Now, as
> far as I'm concerned, what the rsync is actually doing on that end, i.e.
> the machine being backed up, is serving files, it's not copying
> anything... unless you count reading from disk to memory as a copy, or
> from memory to network as a copy... it's not writing anything to the
> local disk. So, err.
> 
It's copying files from the 'remote' machine to 'this' machine, I have
the backup running as a cron job on the system where the backups are
stored.  If that isn't 'copying files' then I don't know what is!  :-)

The issue is that as it is running with root privileges it can copy
*any* file it likes including all the ssh public and private keys so
once you have them you have a pretty free hand to do what you want
don't you?

-- 
Chris Green

More information about the main mailing list