Secure File Upload
Robbie Bow
robbiebow at gmail.com
Fri Nov 13 03:35:50 PST 2009
2009/11/12 Tom Hukins <tom at eborcom.com>:
> 1) Make the process as easy as possible for the uploader
> 2) Reduce the risk to my system, should the account become compromised
> 3) Reduce the chance of making the account compromised (encryption)
>
The lazy web suggests adding /path/to/openssh/sftp-server to
/etc/shells, making that the shell for the user, and then they can
only run SFTP commands, so any attempt at shell access will be
useless.
More information about the MiltonKeynes-pm
mailing list