again chroot

Manfred Heubach heubach at heubach-edv.de
Fri Nov 16 21:02:46 EST 2001


> -----Ursprüngliche Nachricht-----
> Von:	Markus Friedl [SMTP:markus at openbsd.org]
> Gesendet am:	Donnerstag, 15. November 2001 20:09
> An:	Manfred Heubach
> Cc:	'openssh-unix-dev at mindrot.org'
> Betreff:	Re: again chroot
>
>
> make sftp-server setuid root and let it do the chroot itself,
> depending on a config file, like /etc/sftp-chrootusers
>
> but you have to be careful. chroot $HOME is
> probably not really save if .ssh is writeable to
> the user. and so on.
>
> -m

Dear Markus,

how do I tell sftp-server about a file like /etc/sftp-chrootusers? I can't 
find any corresponding option. Is this already implemented or do I have to 
do the programming by myself?

Regards
Manfred



More information about the openssh-unix-dev mailing list