John Barber reported a problem where, if the system
administrator misconfigures rssh by providing too few access
bits in the configuration file, the user will be given
default permissions (scp) to the entire system, potentially
circumventing any configured chroot. Fixing this required a
behavior change: in the past, using rssh without a config
file would give all users default access to use scp on an
unchrooted system. In order to correct the reported bug,
this feature has been eliminated, and you must now have a
valid configuration file. If no config file exists, all
users will be locked out.