chroot'd SFTP

[Peter Stuge]

On Mon, Jul 30, 2007 at 05:18:49PM +0300, Richard Storm wrote:
> > >> http://marc.info/?l=openssh-unix-dev&m=116043792120525&w=2
> > >
> > > The big problem with that patch is that it effectively allows non-root
> > > users to chroot to a directory of their choice.
> How!?

sftp-server has to be setuid root and invokable by all users that
should have SFTP access.

Granted, it could be argued that this is unimportant if there are
no users who can execute arbitrary commands in the system.


//Peter