chroot directory ownership
Dag-Erling Smørgrav
des at des.no
Tue Feb 21 22:40:31 EST 2012
Currently, sshd requires the chroot directory to be owned by root. This
makes it impossible to chroot users into their own home directory, which
would be convenient for sftp-only users. Is there a particular reason
why, in safely_chroot() in session.c,
    if (st.st_uid != 0 || (st.st_mode & 022) != 0)
        fatal("bad ownership or modes for chroot "
            "directory %s\"%s\"",
            cp == NULL ? "" : "component ", component);
can't be changed to
    if ((st.st_uid != 0 && st.st_uid != uid) ||
        (st.st_mode & 022) != 0)
        fatal("bad ownership or modes for chroot "
            "directory %s\"%s\"",
            cp == NULL ? "" : "component ", component);
?
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the openssh-unix-dev mailing list