ChrootDirectory on a per key basis
Teemu Ikonen
tpikonen at gmail.com
Mon Oct 27 03:06:45 EST 2008
Damien Miller wrote:
> No, letting users chroot to arbitrary directories introduces
> serious security problems. Think about hard-linking /bin/su into
> a chroot on the same filesystem where an attacker has filled in
> a friendly /etc/passwd.
OK, so adding chrootdir option to authorized keys is a bad idea.
Another way to achieve my objective, which is additional sftp file
access restrictions to connections authorized with certain keys, would
be to modify sftp-server to accept a directory parameter. The
authorized_keys could then have 'command="sftp-server -d
/home/user/stuff"' option to restrict access to /home/user/stuff.
Could this be made secure so that if an attacker has a copy of the
(passwordless) private key, he would not be able to access files outside
the given directory?
Teemu
More information about the openssh-unix-dev
mailing list