About sftp chroot dev!
robert at openbsd.pap.st
Sat Aug 15 04:51:52 EST 2009
On Fri, 14 Aug 2009 14:31:14 -0300
Henrique Fernandes <sf.rique at gmail.com> wrote:
> I have an question, why you guys do not let chroot be owned by the
> user ?
> It would be a good way to chroot the users
> Cause like
> I want to chroot user in /chroot/%u
> But they can not write in this directory... i need to set another dir
> to them to be able to write, even when /chroot/ is onewd by root
> i want to be able to do this
> user1 be able to write in /chroot/user1 but not able to go down
> into /chroot/
> user2 same thing here.
> In that way, user1 will not be able even know if there is other files
> But with your code i have to do this
> set chroot dir to /chroot/ and set home in /etc/passwd to /user1
> But when uer 1 logs in he see /user1 and if he gos down with
> cd .. he is hable to see user2 and move around
> Is there anyway to do what i want ?
> And can you guys explain to me why the chroot path HAS to be owned by
> root ?
> Sorry , i know i am beeing annoying
> And Thanks anyway!
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
Because of security reasons.
You might want to check the archives for this and the "general"
mailinglist. This topic as been discussed quite a lot.
If i remember correctly, also patches have been posted to get the
behaviour you'd like.
More information about the openssh-unix-dev