About sftp chroot dev!
Robert
robert at openbsd.pap.st
Sat Aug 15 04:51:52 EST 2009
On Fri, 14 Aug 2009 14:31:14 -0300
Henrique Fernandes <sf.rique at gmail.com> wrote:
> I have an question, why you guys do not let chroot be owned by the
> user ?
>
>
> It would be a good way to chroot the users
>
> Cause like
>
> I want to chroot user in /chroot/%u
>
> But they can not write in this directory... i need to set another dir
> to them to be able to write, even when /chroot/ is onewd by root
>
> i want to be able to do this
>
> user1 be able to write in /chroot/user1 but not able to go down
> into /chroot/
> user2 same thing here.
>
> In that way, user1 will not be able even know if there is other files
> there...
>
> But with your code i have to do this
>
> set chroot dir to /chroot/ and set home in /etc/passwd to /user1
>
> But when uer 1 logs in he see /user1 and if he gos down with
> cd .. he is hable to see user2 and move around
>
> Is there anyway to do what i want ?
>
> And can you guys explain to me why the chroot path HAS to be owned by
> root ?
>
> Sorry , i know i am beeing annoying
>
> And Thanks anyway!
>
> --
> []'sf.rique
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Why?
Because of security reasons.
You might want to check the archives for this and the "general"
mailinglist. This topic as been discussed quite a lot.
If i remember correctly, also patches have been posted to get the
behaviour you'd like.
- Robert
More information about the openssh-unix-dev
mailing list