bugzilla-daemon at mindrot.org
2006-Mar-23 16:12 UTC
[Bug 1176] Cannot set sticky bits via sftp
http://bugzilla.mindrot.org/show_bug.cgi?id=1176 Summary: Cannot set sticky bits via sftp Product: Portable OpenSSH Version: 4.3p2 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: bitbucket at mindrot.org ReportedBy: paulg at chiark.greenend.org.uk ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Mar-23 16:16 UTC
[Bug 1176] Cannot set sticky bits via sftp
http://bugzilla.mindrot.org/show_bug.cgi?id=1176 ------- Comment #1 from paulg at chiark.greenend.org.uk 2006-03-24 03:16 ------- It is not possible to set sticky bits via sftp due to the following code in the process_setstat() function in sftp-server.c if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { ret = chmod(name, a->perm & 0777); if (ret == -1) status = errno_to_portable(errno); } If the user has shell access then they can execute a chmod command via ssh to get round this therefore even if there is a security reason for doing this it should at least be configurable. If there is a valid security reason for doing this it should be noted in the FAQ. I found this while attempting to use sshfs, which uses sftp underneath. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.