ChrootDirectory security

Alexander Prinsier aphexer at mailhaven.com
Wed Apr 1 07:56:30 EST 2009


Alexander Prinsier wrote:
> I've tried many places, finally ending up here to ask my question: why
> is it so vital that the directory used with the ChrootDirectory
> directive is root-owned?

Thanks everyone for your valuable replies (and the off-list discussions).

And to make the archive complete: you can just comment out a block of code
in safely_chroot() in session.c to remove the root-ownership check.

I hope this will be configurable some day. The introduction of
internal-sftp was one big step in the right direction, this option would
make it complete.

Alexander


More information about the openssh-unix-dev mailing list