ChrootDirectory %h
Peter Thomassen
mail at peter-thomassen.de
Sun May 3 03:17:26 EST 2009
Hi,
Jefferson Ogata schrieb:
> You need to understand the sort of scenario that exists when you allow
> users to control a directory that someone chroots to.
I now understood the security implications; thank you for your explanation.
But what about this (--> <gtccd8$p1q$1 at ger.gmane.org>)?
> 4.) A common application is to grant users SFTP access using the internal-sftp feature, and to force them into their home directories. Those users can't execute any binaries because command execution is handled by internal-sftp. In this case, there is absolutely not risk coming from setuid binaries.
> Suggestion: If ChrootDirectory is applied together with ForceCommand internal-sftp in the same context (configuration wide, or in a Match block), do not check for root ownership.
Do you think it is practical and justifiable in terms of security to
relax this constraint in the limited scope of SFTP?
Because the problem raises mainly in the context of SFTP, this would
help a lot of people.
Have a nice weekend,
Peter
More information about the openssh-unix-dev
mailing list