Ramón García
2023-Aug-03 17:25 UTC
Would it be posible to make more flexible the checks for chroot directories?
When I try to setup an Openssh server the error appears when I attempt to login: fatal: bad ownership or modes for chroot directory component "/" The problem with this check is that it forces me to make my setup less secure. In my setup, openssh is running inside a container. The home directory appears to be owned by nobody, but it is actually owned by root of the host machine, and for further security, this root user is not accessible inside the container. Thus, even if someone finds a vulnerability in Openssh and is able to run as the root user, he is inside the container, and cannot write to most of the directories of the container. So this check makes it more difficult to improve the security of my system. Could you please consider an option to disable this check or to make it more flexible? For me, an alternative user to "root" for the check would be enough.
Seemingly Similar Threads
- [LLVMdev] Introducing myself, and Java project.
- [LLVMdev] Introducing myself, and Java project.
- [LLVMdev] Proposal for a Google summer of code project for the Java frontend.
- [LLVMdev] Proposal for a Google summer of code project for the Java frontend.
- [LLVMdev] Introducing myself, and Java project.