ChrootDirectory security
Alexander Prinsier
aphexer at mailhaven.com
Sun Mar 29 06:21:50 EST 2009
Hello,
I've tried many places, finally ending up here to ask my question: why
is it so vital that the directory used with the ChrootDirectory
directive is root-owned?
Like many people I'm trying to use this in a webhosting environment
where several users get sftp-only access to some directory, usually
something like /home/user/web/part-of-website.
I can be sure that there are no setuid binaries in /home, so that rules
out some possible vulnerabilities. Could anyone tell me what other
problems a non-root-owned chroot directory could create?
Thanks!
(Please CC me).
Alexander
More information about the openssh-unix-dev
mailing list