(this is the third try. In the previous mails the body was empty)
Hi,
I set up a chroot sftp server by following this guide:
https://wiki.archlinux.org/index.php/SFTP_chroot
Things work well, with one exception:
The root directory is not writable.
The above docs give a hint how to work around this.
But this is just a work-around.
In my context I need a writable (ch)root directory.
Is there a way to get both?
- chroot
- writable root
Currently it does not work
===> sftp mysftpuser at remote-host: <<< $'put foo.txt'
Connected to remote-host.
Changing to: /
sftp> put foo.txt
Uploading foo.txt to /foo.txt
remote open("/foo.txt"): Permission denied
Here the permissions:
remote-host:~ # ls -ld /home/mysftp/
drwxr-xr-x 2 root root 4096 Dez 20 14:17 /home/mysftp/
Regards,
Thomas
--
Thomas Guettler http://www.thomas-guettler.de/
I am looking for feedback: https://github.com/guettli/programming-guidelines
On 05/01/18 02:44, Thomas G?ttler wrote:> I set up a chroot sftp server [...] > Is there a way to get both? > > ?- chroot > > ?- writable rootThe source code (sftpd.c) seems to require that the root directory be owned by root and not group or world writable, so I think, no, not unless you make local source changes. I wonder why you need writable root directory.? The normal way of setting up chroot sftp is to put the user directory under the chroot, so, for example, /sftp is the chroot, and /sftp/user is the directory that user uses for sftp.? You still need a home directory for that user, i.e. /home/user, to contain the .ssh directory and authorized_keys file, however, you set a ForcedCommand in /etc/ssh/sshd_config for that user, preventing the user from accessing any file outside of the chroot.? I've set this up recently, and the only disappointment I have is that (without a custom patch) I can't force permissions on uploaded files. This advice assumes you do not want to allow the user to run any desired command.
On Fri, 2018-01-05 at 16:00 +1030, David Newall wrote:> On 05/01/18 02:44, Thomas G?ttler wrote: > > I set up a chroot sftp server [...] > > Is there a way to get both? > > > > - chroot > > > > - writable root > > The source code (sftpd.c) seems to require that the root directory > be > owned by root and not group or world writable, so I think, no, not > unless you make local source changes.Yes, you are right. The chroot directory can not be writable. We were there once and they called it CVE-2009-2904. In short, if the confined user has write access to the chroot directory, there are ways how to get out, gain privileges and or do other nasty things. You should not do that. If you aim for the end-user comfort that he does not have to change directory before uploading/downloading files, there is -d switch to the sftp-server, which changes the start directory after startup automatically. Regards, -- Jakub Jelen Software Engineer Security Technologies Red Hat, Inc.