[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Re: WebDAV

From: Robin Green
Subject: Re: [Gnu-arch-users] Re: WebDAV
Date: Fri, 9 Apr 2004 19:48:19 +0100
User-agent: Mutt/1.5.4i

On Fri, Apr 09, 2004 at 11:56:30AM -0400, Aaron Bentley wrote:
> Yet another instance where security is not simple.  I think "sftp" is a 
> misleading name, since ftp doesn't permit remote command execution.

On the contrary. Some ftp servers were implemented by calling the local
"ls" on the system, which led to exploits.

By contrast, sftp does not permit remote command execution. You can either
give someone a shell account, which implies sftp access - or, without any
third-party tools, you can put their public key in a special sftp user's
authorized_keys file and flag it so that it can _only_ be used to do sftp.
This is not well-known because it's tucked away in the openssh documentation.
> Absent a secure shell, sftp is less secure in some ways.


Attachment: pgptqq9xFRrE6.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]