openssh bugs - Mar 2006 - [Bug 1176] Cannot set sticky bits via sftp

http://bugzilla.mindrot.org/show_bug.cgi?id=1176

           Summary: Cannot set sticky bits via sftp
           Product: Portable OpenSSH
           Version: 4.3p2
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sftp-server
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: paulg at chiark.greenend.org.uk







------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1176





------- Comment #1 from paulg at chiark.greenend.org.uk  2006-03-24 03:16
-------
It is not possible to set sticky bits via sftp due to the following code in the
process_setstat() function in sftp-server.c

if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
    ret = chmod(name, a->perm & 0777);
    if (ret == -1)
         status = errno_to_portable(errno);
}

If the user has shell access then they can execute a chmod command via ssh to
get round this therefore even if there is a security reason for doing this it
should at least be configurable. If there is a valid security reason for doing
this it should be noted in the FAQ.

I found this while attempting to use sshfs, which uses sftp underneath.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.