Soft chroot jail for sftp-server
Dimitri Nüscheler
dimitri.nuescheler at gmail.com
Sun Jan 12 10:21:09 EST 2014
Hi again
I refactored the patch. It's now more decoupled from the SFTP
processing code. All the syscalls used by the processing code now have
a proxy instead of having the processing code very jail-aware.
With that comes a functional difference: The content of a symlink is
not prepended with the jail path. Instead there is also a modified
realpath() also used by the other proxy-syscalls.
I will try to write tests for it. I don't know how to get full
coverage by just using sftp. Help appreciated and any hints on using
the existing regression test framework.
Regards
Dimitri
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sftp-server-soft-jail.patch
Type: text/x-patch
Size: 13831 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20140112/d4464c66/attachment-0001.bin>
More information about the openssh-unix-dev
mailing list