Feature request: allow chrooted directory writable by others

Stuart Henderson stu at spacehopper.org
Tue Jul 16 00:14:17 AEST 2019


On 2019/07/15 12:24, Ramón García wrote:
> Hello, I am trying to setup a file server using the SFTP protocol with OpenSSH.
> 
> I am in trouble because sshd refuses to chroot to a directory that is
> writable by users other than the owner.  I guess that this is to
> prevent someone else from creating a .ssh/authorized_keys file and
> impersonate the user. But we have configured an alternative
> AuthorizedKeysFile. I also understand that a chroot user needs a
> layout for login (/bin/bash, ...) or for executing the external
> sftp-server, and that nobody should be allowed to change it. But for
> an SFTP server that only serves files, using the internal-sftp server,
> that should not be a problema.
> 
> Note that this is extremely restrictive in practice. Even if one is
> very careful and only allows specific users to write (with acls)
> openssh refuses to chroot to that directory. And when one has to work
> with a speficied directory layout, required for compatibility with
> existing applications, it makes it very hard to implement a sftp file
> server.
> 
> I would like to  contribute a patch with an option
> StrictModesChrootDirectory . That option could be document with the
> reasons when it should not be used.

A similar patch was added to RHEL in the past, the result was
CVE-2009-2904 / https://bugzilla.redhat.com/show_bug.cgi?id=522141



More information about the openssh-unix-dev mailing list