About sftp chroot dev!

Robert robert at openbsd.pap.st
Sat Aug 15 04:51:52 EST 2009

On Fri, 14 Aug 2009 14:31:14 -0300
Henrique Fernandes <sf.rique at gmail.com> wrote:

> I have an question, why you guys do not let chroot be owned by the
> user ?
> It would be a good way to chroot the users
> Cause like
> I want to chroot user in /chroot/%u
> But they can not write in this directory... i need to set another dir
> to them to be able to write, even when /chroot/ is onewd by root
> i want to be able to do this
> user1     be able to write in /chroot/user1   but not able to go down
> into /chroot/
> user2    same thing here.
> In that way, user1 will not be able even know if there is other files
> there...
> But with your code i have to do this
> set chroot dir to /chroot/ and set home in /etc/passwd  to /user1
> But when uer 1 logs in he see   /user1   and if he gos down with
> cd .. he is hable to see user2 and move around
> Is there anyway to do what i want ?
> And can you guys explain to me why the chroot path HAS to be owned by
> root ?
> Sorry , i know i am beeing annoying
> And Thanks anyway!
> --
> []'sf.rique
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

Because of security reasons.

You might want to check the archives for this and the "general"
mailinglist. This topic as been discussed quite a lot.
If i remember correctly, also patches have been posted to get the
behaviour you'd like. 

- Robert

More information about the openssh-unix-dev mailing list