On Mar 2, 2015, at 3:43 PM, Tim Dunphy <bluethundr@xxxxxxxxx> wrote:
>
>>
>> errr, I meant, sftp, not rscp
>
> But the client isn't gonna go for that. LOL.
Why not?
SFTP clients are now as readily available as FTP clients.
Unless you’re going to tell me it needs to be done from a box you absolutely positively cannot install any new software on, I simply don’t believe that you cannot use anything but FTP.
> Or does that just defeat the purpose of
> having a secure SELlinux server entirely?
Not exactly, but it fights the same set of goals that SELinux was created to support.
The point of SELinux is to erect walls that prevent a lesser breach from turning into a total breach of the system’s security. Allowing FTP doesn’t prevent SELinux from working.
If FTP exposes one of your user’s passwords to the wide world, *theoretically* that means you have done nothing worse than providing unauthorized users access to that user’s account.
(Not that that isn’t bad enough.)
Unfortunately, local root-escalation exploits pop up from time to time which allow anyone with a login on that box to turn themselves into superuser, which allows them to defeat SELinux.
Incidentally, it is possible to configure SSH to allow SFTP but not interactive logins. You should also chroot SFTP users. This thread seems to have the details you need:
https://www.centos.org/forums/viewtopic.php?t=2080
By doing that, even a bad user who gives away their login credentials to a bad actor isn’t opening you to a risk of a local root escalation exploit.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
