This is a discussion on RE: request for feature within the OpenSSH Development forums, part of the Networking and Network Related category.

Hi Damien,

thank you very much for your answer. I have an existing filesystem structure with 500, partly nested, users and for each user I'd have to insert a 'chroot base'. This will lead to a very strange directory structure like

/chroot/u/uhome
/chroot/u1/u1home/u2/u2home/u3/u3home
/chroot/u1/u1home/u4/u4home
.....

Doesn't look so good to me. I don't understand what nasty things a user can do to his effective / except destroying his own environment. And that would be a problem to the user and not to the system. A switch to enable non-root chroots would be nice and the sysadmin should decide if he wants to enable it. So please add this feature.

Apart from my feature request, I'd like to thank you very much for your work on openssh, which proves the power and value of free software.

kind regards
Dirk

-----Original Message-----
From: Damien Miller [mailto:djm@mindrot.org]
Sent: Wednesday, 30 April 2008 12:07
To: Lammers, Dirk, NMI-DC
Cc: openssh-unix-dev@mindrot.org
Subject: Re: request for feature

On Tue, 29 Apr 2008, Dirk.Lammers@Bertelsmann.de wrote:

> Dear developers,
>
> I need the feature of separately jailed, user writeable and user
> owned home dirs very badly because I have an SFTP server with 500
> users who are partly nested. Could you please add a feature to set non
> root chroots with the %h option? Otherwise I have to rewrite the
> chroot patch for 4.7p1 :-(

ChrootDirectory supports this right now. Just create one more directory under the chroot for the user's home. E.g. have your users' home directory set as "/home", your ChrootDirectory as "/chroot/%u". sshd will chroot to /chroot/[user] and then chdir to /home relative to the chroot path.

We will not be relaxing the permission checks, they are there for good reasons. There are lots of nasty things a user can do if they can write to what is effectively /

-d

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev
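
The following is an added example, not part of the original thread and not OpenSSH's own code. It approximates the rule documented in sshd_config(5) for ChrootDirectory (every component of the path must be a root-owned directory that is not writable by group or others) and applies it to the "/chroot/%u" layout described in the reply and to a user-owned chroot target. The sample layout, the user "alice", uid 1001 and the function names are assumptions made for illustration.

```python
import os
import stat
from collections import namedtuple

# Constructed stand-in for os.stat_result, so the sample needs no root access.
FakeStat = namedtuple("FakeStat", "st_mode st_uid")
D = stat.S_IFDIR

# Constructed sample layout; uid 1001 is a hypothetical user "alice".
SAMPLE = {
    "/": FakeStat(D | 0o755, 0),
    "/chroot": FakeStat(D | 0o755, 0),
    "/chroot/alice": FakeStat(D | 0o755, 0),          # chroot base, root-owned
    "/chroot/alice/home": FakeStat(D | 0o700, 1001),  # writable home inside it
    "/srv": FakeStat(D | 0o755, 0),
    "/srv/alice": FakeStat(D | 0o755, 1001),          # user-owned chroot target
}

def sample_stat(path):
    if path not in SAMPLE:
        raise FileNotFoundError(path)
    return SAMPLE[path]

def components(path):
    """'/chroot/alice' -> ['/', '/chroot', '/chroot/alice']"""
    parts = [p for p in path.split("/") if p]
    return ["/"] + ["/" + "/".join(parts[:i + 1]) for i in range(len(parts))]

def audit_chroot(path, stat_fn=os.stat):
    """Return (component, problem) pairs that violate the documented rule."""
    problems = []
    for comp in components(path):
        try:
            st = stat_fn(comp)
        except OSError:
            problems.append((comp, "cannot stat"))
            break  # deeper components cannot be checked either
        if not stat.S_ISDIR(st.st_mode):
            problems.append((comp, "not a directory"))
        if st.st_uid != 0:
            problems.append((comp, "not owned by root"))
        if st.st_mode & 0o022:
            problems.append((comp, "group- or world-writable"))
    return problems

if __name__ == "__main__":
    for target in ("/chroot/alice", "/srv/alice"):
        print(target, audit_chroot(target, sample_stat) or "ok")
```

Called without the second argument, `audit_chroot` uses `os.stat` on the real filesystem, so it can be run against an actual ChrootDirectory value after expanding %u by hand.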