request for feature

Damien Miller djm at mindrot.org
Wed Apr 30 20:06:56 EST 2008


On Tue, 29 Apr 2008, Dirk.Lammers at Bertelsmann.de wrote:

> 
> Dear developers,
> 
> I need the feature of separately jailed, user writeable and user owned
> home dirs very badly because I have an SFTP server with 500 users who
> are partly nested
> could you please add a feature to set non root chroots with the %h
> option ? Otherwise I have to rewrite the chroot patch for 4.7p1 :-(

ChrootDirectory supports this right now.

Just create one more directory under the chroot for the user's home.
E.g. have your users' home directory set as "/home", your ChrootDirectory
as "/chroot/%u".

sshd will chroot to /chroot/[user] and then chdir to /home relative
to the chroot path.

We will not be relaxing the permission checks, they are there for good
reasons. There are lots of nasty things a user can do if they can write
to what is effectively /

-d
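
The layout described in the reply above, as an added example that is not part of the original message or of OpenSSH: the comments show the sshd_config lines and per-user directories, and the functions check the rule sshd enforces on ChrootDirectory (every path component a root-owned directory, not writable by group or others). The user name "alice", the helper names `dir_ok` and `check_chroot_path`, and the SFTP-only `ForceCommand` line are assumptions.

```shell
#!/bin/sh
# Added example: layout and permission check for "ChrootDirectory /chroot/%u".
# Matching sshd_config lines (the user's passwd home field is "/home"):
#   ChrootDirectory /chroot/%u
#   ForceCommand internal-sftp      # assumption: SFTP-only accounts
#
# Layout per user (run as root; "alice" is a constructed user name):
#   install -d -o root  -g root  -m 755 /chroot/alice
#   install -d -o alice -g alice -m 700 /chroot/alice/home

# dir_ok DIR UID: succeed only if DIR is a real directory owned by UID
# and not writable by group or others (POSIX ACLs are not inspected).
dir_ok() {
    _dir=$1 _want=$2
    # ls -ldn prints e.g. "drwxr-xr-x 2 0 0 4096 ..." with a numeric owner
    _line=$(ls -ldn -- "$_dir" 2>/dev/null) || return 1
    set -- $_line
    _mode=$1 _uid=$3
    case $_mode in
        d????w*|d???????w*) return 1 ;;   # group- or world-writable
        d*) ;;
        *) return 1 ;;                    # symlink or not a directory
    esac
    [ "$_uid" = "$_want" ]
}

# check_chroot_path PATH: apply the root-owned, not-writable rule to
# PATH and every parent directory up to /.
check_chroot_path() {
    _p=$1
    case $_p in
        /*) ;;
        *) echo "path must be absolute: $_p" >&2; return 2 ;;
    esac
    while :; do
        dir_ok "$_p" 0 || { echo "bad component: $_p" >&2; return 1; }
        [ "$_p" = "/" ] && return 0
        _p=$(dirname -- "$_p")
    done
}
```

Run `check_chroot_path /chroot/alice` as part of provisioning; the user-owned `/chroot/alice/home` is deliberately not passed to it, since only the chroot path itself has to satisfy the rule.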


More information about the openssh-unix-dev mailing list