bugzilla-daemon at mindrot.org
2007-May-08 23:06 UTC
[Bug 177] provide chroot option for sftp-server
http://bugzilla.mindrot.org/show_bug.cgi?id=177 devel at homelinkcs.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |devel at homelinkcs.com ------- Comment #12 from devel at homelinkcs.com 2007-05-09 09:06 ------- (In reply to comment #11) So far, this is the best solution I have seen to the SFTP chroot problem. I would love to see it officially implemented, but may begin using it on a production system long before that. However, I would like to know what the potential risks are and would also like to help eliminate them if I can. So far, the only serious issue I've found is that tilde expansion done by the shell uses the $HOME environment variable, which can of course be set in .ssh/environment . If I can be of any help in addressing this or other issues, please let me know. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at bugzilla.mindrot.org
2007-May-10 22:02 UTC
[Bug 177] provide chroot option for sftp-server
http://bugzilla.mindrot.org/show_bug.cgi?id=177 --- Comment #13 from Joshua Pettett <devel at homelinkcs.com> 2007-05-11 08:02:44 --- Created an attachment (id=1277) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1277) Pre-shell tilde expantion proof-of-concept hack (In reply to comment #12)> So far, the only serious issue I've found is that tilde expansion > done by the shell uses the $HOME environment variable, which can of > course be set in .ssh/environment .In light of this, would it be appropriate for sshd to expand a tilde in a subsystem argument before passing it to the shell? A kludgy proof-of-concept hack is attached. -- Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.