[Buildroot] [PATCH] package/openssh: Set /var/empty permissions
Arnout Vandecappelle
arnout at mind.be
Sun Feb 3 21:01:23 UTC 2019
On 18/12/2018 00:37, Chris Lesiak wrote:
> I can certainly submit a new version that adds the following change:
>
> define OPENSSH_USERS
> - sshd -1 sshd -1 * - - - SSH drop priv user
> + sshd -1 sshd -1 * /var/empty /bin/false - SSH drop priv user
> endef
>
>
> Is everyone happy with using /var/empty as the home directory? It isn't
> obvious that /var/empty should belong to sshd.
It doesn't belong to sshd. There are plenty of system users that have home
directories like / or /sbin.
Note that there is no need to set the shell. - does not exist, so logging in as
that user doesn't work, which is what we want. I even think login treats it special.
But changing the home directory of sshd would probably be good.
Regards,
Arnout
More information about the buildroot
mailing list