Disallow some sftp commands
René Ribaud
rene.ribaud at gmail.com
Thu Sep 7 19:28:38 AEST 2017
On Thu, 2017-09-07 at 09:13 +1000, Damien Miller wrote:
> On Wed, 6 Sep 2017, René Ribaud wrote:
>
> > Hello,
> >
> > Couple of days ago, I received a request from a customer.
> > He wants to provide sftp users access to a directory tree
> > containing files.
> > The users must have full rights, but he also wants to avoid moving
> > or
> > deleting directories. This is mostly to prevent mistakenly drag and
> > drop from user's graphical client (Filezilla).
> > Said differently, he wants to protect the directories organization.
> >
> > First, I tried to find how to do that from system point of view.
> > But it
> > looks not easilly possible according to what customer wants to do.
> >
> > So as a proof of concept, I decided to do it from the application
> > side,
> > modifying the sftp server by answering ok and not doing the rmdir
> > and
> > rename commands (ugly patch below).
> > It works as expected and seems to satisfy the customer.
> >
> > Do you think, it is something that could be implemented upstream ?
>
> I added this ability 4 years ago. See the -p/-P and -Q flags for
> sftp-server.
>
> These are the requests that can be while/blacklisted:
>
> [djm at natsu]$ /usr/libexec/sftp-server -Q requests
> open
> close
> read
> write
> lstat
> fstat
> setstat
> fsetstat
> opendir
> readdir
> remove
> mkdir
> rmdir
> realpath
> stat
> rename
> readlink
> symlink
> posix-rename
> statvfs
> fstatvfs
> hardlink
> fsync
>
> -d
>
Sorry, I completely missed these options mainly because it is not
available with the CentOS 6 sftp-server. And I don't know why, I didn't
checked the man pages of the latest release....
Anyway thank you really much Damien that's exactly what we need.
Regards.
René.
More information about the openssh-unix-dev
mailing list