[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Public guix offload server
From: |
indieterminacy |
Subject: |
Re: Public guix offload server |
Date: |
Mon, 25 Oct 2021 11:27:36 +0200 |
Hi Arun,
Researching git-shell, I noticed an example of how Less could be
exploited to increase. privileges:
=> https://hackaday.com/2017/05/10/git-shell-bypass-less-is-more/
It suggests enabling the no-pty flag to mitigate this.
I think it would be great to utilise git-shell (and I am interested in
it for my own activities.
Do anybody have detailed research regarding SSH access with no shell access?
Kind regards,
Jonathan
Arun Isaac <arunisaac@systemreboot.net> writes:
> [[PGP Signed Part:Undecided]]
>
>>> $ export GUIX_DAEMON_SOCKET=ssh://charlie@sandbox.guix.gnu.org:22
>>> $ guix build foo
>>
>> …requires an SSH access by ’charlie’ to sandbox.guix.gnu.org, And they
>> think this access is risky.
>
> We could provide SSH access but no shell access. We could use some
> restricted shell in the spirit of git-shell. All we need is port
> forwarding through SSH, not shell access.
>
> [[End of PGP Signed Part]]
- Re: Public guix offload server, (continued)
- Re: Public guix offload server, zimoun, 2021/10/21
- Re: Public guix offload server, Tobias Geerinckx-Rice, 2021/10/21
- Re: Public guix offload server, zimoun, 2021/10/21
- Re: Public guix offload server, Jonathan McHugh, 2021/10/21
- Re: Public guix offload server, zimoun, 2021/10/21
- Re: Public guix offload server, Tobias Geerinckx-Rice, 2021/10/21
- Re: Public guix offload server, zimoun, 2021/10/22
- Re: Public guix offload server, Arun Isaac, 2021/10/23
- Re: Public guix offload server, zimoun, 2021/10/23
- Re: Public guix offload server, Arun Isaac, 2021/10/24
- Re: Public guix offload server,
indieterminacy <=
- Re: Public guix offload server, Jonathan McHugh, 2021/10/22
Re: Public guix offload server, Arun Isaac, 2021/10/21
Re: Public guix offload server, Ludovic Courtès, 2021/10/29
Re: Public guix offload server, Leo Famulari, 2021/10/20