chroot sftp-server [PATCH]
Markus Friedl
markus.friedl at informatik.uni-erlangen.de
Sat May 26 03:27:02 EST 2001
On Fri, May 25, 2001 at 04:21:33PM +1000, Damien Miller wrote:
> On Fri, 25 May 2001, Andrew Bartlett wrote:
>
> > Is there any way of making this work? This is the method I much prefer,
> > and was looking at implementing a while ago. I'm glad sombodies taken a
> > stab at it.
> >
> > I run SFTP specificly becouse it does not require a ROOT deamon (apart
> > from OpenSSH, which I run already) nor does it require a set-uid
> > binary. Hence my interest in this patch.
>
> I am not to fussed about a setuid sftp-server, so long as it does
> does chdir,chroot,setuid as its first actions. IMO this is preferable
> to patch-checking schemes which introduce complexity and may be
> possible to fool.
i think i agree with Damien on this issue.
if we want a restricted sftp-server, that the OS should take care
about what files can be accessed. an the simplest way to acheive
this is to have a croot() at the start of sftp-server.
this is much simpler that adding checks to every place in sftp-server
where pathnames are handled.
why not reuse this nice feature of the OS? why invent a new mechanism
if a nice and elegant mechanism already exists (with chroot)?
-markus
More information about the openssh-unix-dev
mailing list