Displaying 2 results from an estimated 2 matches for "026981".
Did you mean:
026986
2018 Jan 05
3
SFTP chroot: Writable root
On Fri, 2018-01-05 at 16:00 +1030, David Newall wrote:
> On 05/01/18 02:44, Thomas G?ttler wrote:
> > I set up a chroot sftp server [...]
> > Is there a way to get both?
> >
> > - chroot
> >
> > - writable root
>
> The source code (sftpd.c) seems to require that the root directory
> be
> owned by root and not group or world writable, so I
2018 Jan 05
3
SFTP chroot: Writable root
...ereby gain root inside the chroot.
Chroots are easily escapable by root (e.g.
https://filippo.io/escaping-a-chroot-jail-slash-1/).
The particular case Jakub is referring to is:
https://bugzilla.redhat.com/show_bug.cgi?id=522141
https://lists.mindrot.org/pipermail/openssh-unix-dev/2008-November/026981.html
has some recommendations for making the default directory that users
start in be writable in a less dangerous way.
--
Colin Watson [cjwatson at debian.org]