bugzilla-daemon at bugzilla.mindrot.org
2009-Jun-30 20:46 UTC
[Bug 1616] New: root owned empty subdirs are deletable by chroot users
https://bugzilla.mindrot.org/show_bug.cgi?id=1616
Summary: root owned empty subdirs are deletable by chroot users
Product: Portable OpenSSH
Version: 5.2p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sftp-server
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: giulius at gmail.com
Successfully created a chroot sftp user and his structure:
nomad:~# grep prova /etc/passwd
prova:x:1000:107:,,,:/:/bin/false
nomad:~# grep ftponly /etc/group
sftponly:x:107:
nomad:~# less /usr/local/test_openssh/etc/sshd_config
...
Subsystem sftp internal-sftp
Match User prova
ForceCommand internal-sftp
ChrootDirectory /siuvar/chroots/prova/
AllowTcpForwarding no
X11Forwarding no
...
I already know it is not possible for the user prova to write directly
into the chroot dir "prova" :-( in which I've created a subdir
"www":
drwxr-xr-x 9 root root 4096 2009-06-30 22:31 .
drwxr-xr-x 3 root root 4096 2009-06-30 21:34 ..
drwxr-xr-x 2 prova sftponly 4096 2009-06-30 22:07 www
The bug: it is always possible for user prova, via the FileZilla client, to
delete any subdir of "www" if it is empty and owned by a user other than prova.
If the subdir contains root-owned files (or files owned by users other than
prova), the subdir is not deletable.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Jul-01 09:15 UTC
[Bug 1616] root owned empty subdirs are deletable by chroot users
https://bugzilla.mindrot.org/show_bug.cgi?id=1616
Giulio Di Giuliomaria <giulius at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #1 from Giulio Di Giuliomaria <giulius at gmail.com> 2009-07-01 19:15:08 ---
Oops! It may not be a bug but standard behaviour on an ext3 fs!
Solved by changing:
drwxr-xr-x 2 prova sftponly 4096 2009-06-30 22:07 www
to:
drwxrwxr-x 2 root sftponly 4096 2009-06-30 22:07 www
bugzilla-daemon at bugzilla.mindrot.org
2009-Jul-01 09:42 UTC
[Bug 1616] root owned empty subdirs are deletable by chroot users
https://bugzilla.mindrot.org/show_bug.cgi?id=1616
Giulio Di Giuliomaria <giulius at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|INVALID |
--- Comment #2 from Giulio Di Giuliomaria <giulius at gmail.com> 2009-07-01 19:42:39 ---
No. Also with these permissions
drwxrwxr-x 2 root sftponly 4096 2009-06-30 22:07 www
a root-owned empty subdir of "www" may be erased by user "prova".
bugzilla-daemon at bugzilla.mindrot.org
2009-Jul-01 10:26 UTC
[Bug 1616] root owned empty subdirs are deletable by chroot users
https://bugzilla.mindrot.org/show_bug.cgi?id=1616
Tomas Mraz <t8m at centrum.cz> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |INVALID
CC| |t8m at centrum.cz
--- Comment #3 from Tomas Mraz <t8m at centrum.cz> 2009-07-01 20:26:28 ---
Huh, please learn more about UNIX/Linux DAC permissions.
You need the sticky bit set on the www directory if you don't want users
to delete each other's files.
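The rule behind comment #3 is that unlink(2) and rmdir(2) are checked against the parent directory, not against the entry being removed: a process needs write and search permission on the parent, and, when the parent has the sticky bit (S_ISVTX), must additionally own either the entry or the parent (or hold the root/CAP_FOWNER override). A non-empty directory fails with ENOTEMPTY regardless, which is why the root-owned subdirs that still contained root files survived in the original report: emptying them would need write permission on the subdir itself. The following Python model of that check is an added example, not code from OpenSSH or from the thread; the uids and gids (prova=1000, sftponly=107) are taken from the /etc/passwd and /etc/group lines above, the per-scenario modes from the ls -l output, and the Inode/Process structures are an assumption of this model, not kernel data structures. It runs the three layouts the reporter tried (prova-owned 0755 www, root-owned 0775 www, root-owned 1775 www) plus the ENOTEMPTY and chroot-root cases.

```python
import stat
from dataclasses import dataclass, field

ROOT_UID = 0
R, W, X = 4, 2, 1  # permission bits for one class (owner/group/other)


@dataclass
class Inode:
    """Minimal stand-in for an on-disk inode (assumed model, not kernel code)."""
    uid: int
    gid: int
    mode: int               # permission bits including sticky, e.g. 0o1775
    is_dir: bool = False
    children: dict = field(default_factory=dict)


@dataclass
class Process:
    uid: int
    gids: frozenset


def has_perm(proc: Process, node: Inode, bit: int) -> bool:
    """Classic UNIX DAC: pick exactly one class (owner, else group, else other)."""
    if proc.uid == ROOT_UID:          # CAP_DAC_OVERRIDE: root bypasses rwx on dirs
        return True
    if proc.uid == node.uid:
        return bool(node.mode & (bit << 6))
    if node.gid in proc.gids:
        return bool(node.mode & (bit << 3))
    return bool(node.mode & bit)


def can_delete(proc: Process, parent: Inode, name: str):
    """Decide unlink(2)/rmdir(2) of parent/name; returns (allowed, reason)."""
    if name not in parent.children:
        return False, "ENOENT"
    target = parent.children[name]
    # The entry's own mode/owner does not matter here; write+search on the parent does.
    if not (has_perm(proc, parent, X) and has_perm(proc, parent, W)):
        return False, "EACCES: need w+x on parent directory"
    if target.is_dir and target.children:
        return False, "ENOTEMPTY"
    # Sticky bit: only the entry owner, the directory owner, or root may remove it.
    if parent.mode & stat.S_ISVTX and proc.uid != ROOT_UID:
        if proc.uid not in (target.uid, parent.uid):
            return False, "EPERM: sticky bit, caller owns neither entry nor directory"
    return True, "ok"


# Identities from the thread's /etc/passwd and /etc/group lines.
PROVA_UID, SFTPONLY_GID = 1000, 107
prova = Process(uid=PROVA_UID, gids=frozenset({SFTPONLY_GID}))


def scenario(www_uid: int, www_gid: int, www_mode: int,
             sub_uid: int = ROOT_UID, sub_nonempty: bool = False):
    """prova tries to rmdir www/sub inside the chroot; returns (allowed, reason)."""
    sub = Inode(uid=sub_uid, gid=ROOT_UID, mode=0o755, is_dir=True)
    if sub_nonempty:
        sub.children["root.txt"] = Inode(uid=ROOT_UID, gid=ROOT_UID, mode=0o644)
    www = Inode(uid=www_uid, gid=www_gid, mode=www_mode, is_dir=True,
                children={"sub": sub})
    return can_delete(prova, www, "sub")


def chroot_root_case():
    """prova tries to remove www itself from the root-owned 0755 chroot dir."""
    www = Inode(uid=PROVA_UID, gid=SFTPONLY_GID, mode=0o755, is_dir=True)
    chroot = Inode(uid=ROOT_UID, gid=ROOT_UID, mode=0o755, is_dir=True,
                   children={"www": www})
    return can_delete(prova, chroot, "www")


if __name__ == "__main__":
    print("www prova:sftponly 0755 ->", scenario(PROVA_UID, SFTPONLY_GID, 0o755))
    print("www root:sftponly  0775 ->", scenario(ROOT_UID, SFTPONLY_GID, 0o775))
    print("www root:sftponly 1775 ->", scenario(ROOT_UID, SFTPONLY_GID, 0o1775))
    print("same, sub owned by prova ->",
          scenario(ROOT_UID, SFTPONLY_GID, 0o1775, sub_uid=PROVA_UID))
    print("root sub with root file  ->",
          scenario(PROVA_UID, SFTPONLY_GID, 0o755, sub_nonempty=True))
    print("rm www from chroot root  ->", chroot_root_case())
```

The first two scenarios reproduce the behaviour the reporter called a bug (prova has write permission on www through the owner class, then through the sftponly group), the third is the drwxrwxr-t layout from comment #4 where only prova's own entries remain deletable, and the last shows why nothing can be removed directly in the chroot directory: sshd requires ChrootDirectory to be root-owned and not group/world writable, so no unprivileged user ever has write permission on it.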
bugzilla-daemon at bugzilla.mindrot.org
2009-Jul-01 11:11 UTC
[Bug 1616] root owned empty subdirs are deletable by chroot users
https://bugzilla.mindrot.org/show_bug.cgi?id=1616
--- Comment #4 from Giulio Di Giuliomaria <giulius at gmail.com> 2009-07-01 21:11:57 ---
(In reply to comment #3)
> Huh, please learn more about UNIX/Linux DAC permissions.
>
> You need sticky bit set on the www directory if you don't want users
> delete each other's files.
Yes, I did set the correct permission
drwxrwxr-t 2 root sftponly 4096 2009-06-30 22:07 www
and it worked as in comment #1, but for some reason I later checked an old config and posted again. My apologies :-), thanks.
bugzilla-daemon at bugzilla.mindrot.org
2009-Oct-06 04:02 UTC
[Bug 1616] root owned empty subdirs are deletable by chroot users
https://bugzilla.mindrot.org/show_bug.cgi?id=1616
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #5 from Damien Miller <djm at mindrot.org> 2009-10-06 15:02:08 EST ---
Mass move of RESOLVED bugs to CLOSED now that 5.3 is out.