sshd_config ChrootDirectory ambiguity...

Markus Friedl markus.r.friedl at arcor.de
Fri Nov 6 06:53:36 EST 2009


all components of the pathname

On Thu, Nov 05, 2009 at 02:38:05PM -0500, Robert Waite wrote:
> Under "ChrootDirectory" there is a line that says,
> 
> "This path, and all its components, must be root-owned directories
> that are not writable by any other user or group."
> 
> When I first read this "all its components" seemed to mean that
> all directories and files within this directory must be root owned
> and root only writable. This seemed odd as I would not be able
> to allow uploads if this was true.
> 
> In this ChrootDirectory I have three folders. I set them all to be
> owned by a non root user and writable by a group. When I log in, it
> works just as I hoped and I am able to upload now.
> I would have figured at the very least that "all its components" would
> mean that direct children of the ChrootDirectory would have to have the
> above mentioned restrictions. However, it did work.
> 
> So my question is... what is meant by "all its components"?
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


More information about the openssh-unix-dev mailing list