Being a shell provider - good business?
cyberleo at cyberleo.net
Tue Sep 16 05:46:40 UTC 2008
Ted Mittelstaedt wrote:
> But getting back to the discussion - the OP's friend seemed like
> he -wanted- to get involved in some rather Bad People.
I'm not entirely sure, but I can't find anyone in this thread whose
actually talked with the OP's friend other than the OP themselves, who
seems to be biased against the idea in the first place. I'm not sure how
such an assertion can be safely made under the circumstances.
Personally, I've always been looking for ways to secure the shell
service I provide, for things such as webspace file transfer and
MUCK/MUD gameserver hosting. I dislike providing FTP to people, as it's
so insecure and firewall-unfriendly, but chrooting SSH/SFTP in a
suitable manner is something I've never been able to successfully complete.
I had something going with Busybox on a test linux box, but alas,
compilation fails horribly on FreeBSD for reasons not adequately explored.
So, for now, I stick with judicious use of UID-based firewall rules,
careful application of unix file permissions, the
security.bsd.see_other_uids sysctl, and knowing personally each person I
host, so I can personally deal with them if they venture into
<CyberLeo at CyberLeo.Net>
Furry Peace! - http://wwww.fur.com/peace/
More information about the freebsd-questions