sftp-server and chown
Markus Friedl
Markus.Friedl at informatik.uni-erlangen.de
Thu Feb 22 02:08:27 EST 2001
On Wed, Feb 21, 2001 at 03:37:18PM +0100, Andy Polyakov wrote:
> I've already discussed this issue in SSHSCI's SSH 2.2 context on
> ssh at clinet.fi list. My standpoint is that it's wrong and meaningless
> to perform chown in sftp-server as the file is most likely copied
> between systems with distinct accounting system where user is not
> necessarily (and even unlikely) has same numeric user id.
If the sftp-client sends a request for CHOWN, why should I
ignore it?
sftp-server is running with the uid/privileges of the user, so why
care? and if the client does not send CHOWN, i don't call chown().
> In addition
> I think it's also irresponsible to blindly chmod files as different
> systems might have different access policies (e.g. different umasks).
> Therefore following patch (relative to OpenSSH 2.5.1p1) is suggested.
The sftp-server runs under the uid of the user, and the enviroment is
setup by executing the login shell, so umask is set.
perhaps am i missing the point...
-markus
More information about the openssh-unix-dev
mailing list