restricted shell
Andy Polyakov
appro at fy.chalmers.se
Tue May 1 02:38:15 EST 2001
> > > it's easier if the sftp-server does chroot.
i can't agree more. fyi, here is an elegant way to chroot in a program:
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>

main (...)
{   /* main's original declarations */
    if (geteuid() == 0)
    {   char *chroot_to=NULL;
        uid_t ruid=getuid();
        if (chroot_to = getenv("CHROOT_DIR"))
        {   setreuid(ruid,-1), setreuid(-1,ruid); /* beware the saved uid */
            if (chdir(chroot_to)) exit (errno); /* as user! */
            if (setreuid(-1,0) || chroot(".")) exit (errno); /* as root! */
            runs_chrooted = 1;
        }
        setuid (ruid); /* resets *all* uids, no way back */
    }
    ...
beauty is that chdir is performed as user (thus preventing the user from
chdir-ing to directory [s]he normally can't chdir to) while chroot as
root. yes, program has to set-root-uid, but you can do this as early as
first thing in main(). getenv("CHROOT_DIR") is only an example... and in
real-life one probably wants to print some error message, not just
exit(errno)...
a.
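
Added example, not part of the original message and not OpenSSH code: the same chdir-as-user, chroot-as-root, drop-for-good sequence written as a function that reports errors instead of calling exit(errno) and then checks that root cannot be regained. The names enter_jail and jail_status are hypothetical, and the binary is assumed to be installed set-uid root.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* glibc: expose chroot(), setreuid(), seteuid() */
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

enum jail_status { JAIL_OK, JAIL_NOT_PRIVILEGED, JAIL_CHDIR_FAILED,
                   JAIL_CHROOT_FAILED, JAIL_DROP_FAILED };

/* Hypothetical helper: call it first thing in main() of a set-uid-root binary. */
enum jail_status enter_jail(const char *dir)
{
    uid_t ruid = getuid();              /* the invoking user */

    if (geteuid() != 0)
        return JAIL_NOT_PRIVILEGED;     /* not set-uid root: chroot() would fail */
    /* Become the user for the path lookup; the saved uid stays 0. */
    if (setreuid(ruid, (uid_t)-1) != 0 || setreuid((uid_t)-1, ruid) != 0)
        return JAIL_DROP_FAILED;
    if (chdir(dir) != 0) {              /* permission check happens as the user */
        fprintf(stderr, "chdir(%s): %s\n", dir, strerror(errno));
        return JAIL_CHDIR_FAILED;
    }
    /* Back to root only for chroot(".") on the directory we are already in. */
    if (setreuid((uid_t)-1, 0) != 0 || chroot(".") != 0) {
        fprintf(stderr, "chroot(%s): %s\n", dir, strerror(errno));
        return JAIL_CHROOT_FAILED;
    }
    /* setuid() called as root resets real, effective and saved uid together. */
    if (setuid(ruid) != 0)
        return JAIL_DROP_FAILED;
    /* Confirm there is no way back (skipped when the caller really is root). */
    if (ruid != 0 && (setuid(0) == 0 || seteuid(0) == 0 || geteuid() != ruid))
        return JAIL_DROP_FAILED;
    return JAIL_OK;
}

int main(int argc, char **argv)
{
    if (argc != 2 || enter_jail(argv[1]) != JAIL_OK) {
        fprintf(stderr, "%s DIR: not chrooted, refusing to continue\n", argv[0]);
        return 1;
    }
    puts("chrooted, privileges dropped");
    return 0;
}
```

Any status other than JAIL_OK leaves the process in an intermediate state (possibly with a saved uid of 0), so the caller should exit rather than carry on.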
More information about the openssh-unix-dev
mailing list