From: Anders Nordby (anders_at_FreeBSD.org)
Date: Sat Nov 16 2002 - 09:31:25 CST


    Howdy,

    I just finished a Perl program to verify whether the program intended
    for running through SSH with key based authorization:

    a) has only valid characters.
    b) matches an authorized_keys configurable regexp, if you want to be
    able to run for example "rsync --server WHATNOT".

    example authorized_keys:

    command="/usr/local/bin/checksshcmd -c \"^rsync --server \"" 1024 35
    XXXXX.. foobarhost

    If a and b are not satisfied, the program intended to run will not. I've
    attached the program. I'd be happy to receive feedback on the
    security/usability of it, as you see it. Or if you have any improvements
    you can think of..

    Sometimes you may need to allow the user to have some variations on the
    commands to use, this is an attempt to address that as opposed to just
    using command= some command that runs a specific command only.

    (Perl haters can go to /dev/null.)

    Cheers,

    -- 
    Anders.
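
The two checks described in this message, as an added Python example; it is not the attached Perl program or its author's code. The allowed character set, the exit codes and the choice to exec the command without a shell are assumptions; the `-c REGEXP` argument follows the authorized_keys line above, and `SSH_ORIGINAL_COMMAND` is the variable sshd sets for a forced command.

```python
import os
import re
import shlex
import sys

# Assumption: a conservative allow-list. Anything outside it (; | & $ ` quotes,
# redirections, newlines, ...) causes the whole command to be rejected.
SAFE_CHARS = re.compile(r"[A-Za-z0-9 _./,:=@+-]+")


def check_command(original, allow_pattern):
    """Return the argv list for an acceptable command, or None to reject it."""
    # (a) only valid characters; fullmatch also rejects a trailing newline
    if not original or not SAFE_CHARS.fullmatch(original):
        return None
    # (b) must match the regexp given in authorized_keys
    if not re.search(allow_pattern, original):
        return None
    # Split into words so the command can be exec'd without a shell.
    return shlex.split(original)


def main(argv):
    if len(argv) != 3 or argv[1] != "-c":
        sys.stderr.write("usage: checksshcmd -c REGEXP\n")
        return 2
    # sshd puts the command the client asked for in SSH_ORIGINAL_COMMAND
    # when a forced command= is configured for the key.
    requested = os.environ.get("SSH_ORIGINAL_COMMAND", "")
    args = check_command(requested, argv[2])
    if args is None:
        sys.stderr.write("checksshcmd: command rejected\n")
        return 1
    os.execvp(args[0], args)  # replaces this process; no shell involved


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

A pattern anchored only at the start, such as `^rsync --server `, accepts any arguments built from the allowed characters after that prefix, so the character check is what keeps shell metacharacters out.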
    

