Feature request: allow chrooted directory writable by others

Colin Watson cjwatson at debian.org
Thu Jul 18 18:50:35 AEST 2019

On Mon, Jul 15, 2019 at 12:24:30PM +0200, Ramón García wrote:
> Note that this is extremely restrictive in practice. Even if one is
> very careful and only allows specific users to write (with acls)
> openssh refuses to chroot to that directory. And when one has to work
> with a speficied directory layout, required for compatibility with
> existing applications, it makes it very hard to implement a sftp file
> server.

If you have very specific layout requirements, I wouldn't use OpenSSH.
At work we have SFTP servers implemented using Twisted Conch, which lets
us implement our own custom authentication/authorisation arrangements
and our own virtual file system layout.  This works well for us because
we're a Python shop, but I'm sure there are other possibilities too.

Colin Watson                                       [cjwatson at debian.org]

More information about the openssh-unix-dev mailing list