[Bug 1176] Cannot set sticky bits via sftp
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Mar 24 03:16:02 EST 2006
http://bugzilla.mindrot.org/show_bug.cgi?id=1176
------- Comment #1 from paulg at chiark.greenend.org.uk 2006-03-24 03:16 -------
It is not possible to set sticky bits via sftp due to the following code in the
process_setstat() function in sftp-server.c
if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
ret = chmod(name, a->perm & 0777);
if (ret == -1)
status = errno_to_portable(errno);
}
If the user has shell access then they can execute a chmod command via ssh to
get round this therefore even if there is a security reason for doing this it
should at least be configurable. If there is a valid security reason for doing
this it should be noted in the FAQ.
I found this while attempting to use sshfs, which uses sftp underneath.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list