Proposal: Different handling of ChrootDirectory

Samuel Vogel samydelux at gmail.com
Mon Dec 29 12:00:11 EST 2008


Hey guys,

I have read all the messages regarding this issue on the mailing list 
and I did notice that quite a few people are not exactly happy with the 
new easiness of the chroot support introduced to openssh.
I'm one of them and I think to support my special configuration, the 
implementation would need to be changed.

I'm right now setting up a small web hosting company an every webspace 
can of course have multiple (S)FTP accounts. The main account of course 
have access to the "root-dir" of the webspace. This would be 
"/www/123456" for example. I do understand, that by introducing a 
subdirectory ("/www/123456/subdir" and chroot to "/www/123456/"), this 
directory structure could be made to work with the chroot implementation 
of openssh.

But now lets say the user wants to create an account which can only 
access the wordpress subdirectory of his webspace. This would be 
"/www/123456/subdir/wordpress". If I chroot the new user into the 
mentioned directory, he can not create new files. Chrooting him to 
"/www/123456/subdir" is also not an option, because there could be other 
subdirectories than only "wordpress". And introducing another subfolder, 
would totaly mess up the directory structure of the webspace, since the 
user might only decide later on to add a new (S)FTP Account. So I would 
have to move around his directories.

As I see it, in my case the only option would be to let the user write 
in his ChrootDirectory. I did read that this has some security 
implications, but maybe there is a way to work them out or somebody has 
a different proposal for my problem.

I hope I didn't express myself to complicated. If so, feel free to ask 
for clarification!

Any pointers are appreciated!

Regards,
Samy


More information about the openssh-unix-dev mailing list