SFTP chroot: Writable root

Jakub Jelen jjelen at redhat.com
Fri Jan 5 20:36:18 AEDT 2018


On Fri, 2018-01-05 at 16:00 +1030, David Newall wrote:
> On 05/01/18 02:44, Thomas Güttler wrote:
> > I set up a chroot sftp server [...]
> > Is there a way to get both?
> > 
> >  - chroot
> > 
> >  - writable root 
> 
> The source code (sftpd.c) seems to require that the root directory
> be 
> owned by root and not group or world writable, so I think, no, not 
> unless you make local source changes.

Yes, you are right. The chroot directory can not be writable. We were
there once and they called it CVE-2009-2904. In short, if the confined
user has write access to the chroot directory, there are ways how to
get out, gain privileges and or do other  nasty things. You should not
do that.

If you aim for the end-user comfort that he does not have to change
directory before uploading/downloading files, there is -d switch to the
sftp-server, which changes the start directory after startup
automatically.

Regards,
-- 
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.



More information about the openssh-unix-dev mailing list