[ https://issues.apache.org/jira/browse/SSHD-731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Goldstein Lyor updated SSHD-731:
--------------------------------
Summary: Vulnerability in SimpleAccessControlSftpEventListener implementation (was: Vanorability in SimpleAccessControlSftpEventListener implementation)
> Vulnerability in SimpleAccessControlSftpEventListener implementation
> ---------------------------------------------------------------------
>
> Key: SSHD-731
> URL: https://issues.apache.org/jira/browse/SSHD-731
> Project: MINA SSHD
> Issue Type: Bug
> Environment: <dependency>
>   <groupId>org.apache.sshd</groupId>
>   <artifactId>sshd-core</artifactId>
>   <version>1.3.0</version>
> </dependency>
> <dependency>
>   <groupId>org.apache.sshd</groupId>
>   <artifactId>sshd-contrib</artifactId>
>   <version>1.3.0</version>
> </dependency>
> Reporter: Boris Fridland
>
> After implementing SFTP access control by overriding
> SimpleAccessControlSftpEventListener and adding it to SftpSubsystemFactory:
> Scenario:
> 1. Set SimpleAccessControlSftpEventListener.isModificationAllowed to return false.
> 2. Establish a connection with WinSCP.
> 3. Try to create a new file.
> Expected result: access denied message + no influence on the file system.
> Actual: access denied message + an empty file is written to the server disk.
> In addition, if an existing file is opened and then saved, the result is that
> the file's content is removed.
> Attached configuration code:
> // Imports needed by the snippet (sshd-core / sshd-contrib 1.3.0); sshd,
> // authorizationManager and EUserAccessLevel are the reporter's own objects
> // and are not shown.
> import java.io.IOException;
> import java.nio.file.Path;
> import java.util.Collections;
> import org.apache.sshd.contrib.server.subsystem.sftp.SimpleAccessControlSftpEventListener;
> import org.apache.sshd.server.scp.ScpCommandFactory;
> import org.apache.sshd.server.session.ServerSession;
> import org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory;
>
> SftpSubsystemFactory.Builder builder = new SftpSubsystemFactory.Builder();
> builder.addSftpEventListener(new SimpleAccessControlSftpEventListener() {
>     @Override
>     protected boolean isAccessAllowed(ServerSession session, String remoteHandle, Path localPath)
>             throws IOException {
>         // Read-access policy, resolved from the authenticated user name
>         EUserAccessLevel level = authorizationManager.getAccessLevel(session.getUsername());
>         return level.hasReadAccess();
>     }
>
>     @Override
>     protected boolean isModificationAllowed(ServerSession session, String remoteHandle, Path localPath)
>             throws IOException {
>         // Write-access policy; returns false in the reported scenario
>         EUserAccessLevel level = authorizationManager.getAccessLevel(session.getUsername());
>         return level.hasWriteAccess();
>     }
> });
>
> sshd.setSubsystemFactories(Collections.singletonList(builder.build()));
> sshd.setCommandFactory(new ScpCommandFactory());
> Maven dependency:
> <dependency>
>   <groupId>org.apache.sshd</groupId>
>   <artifactId>sshd-core</artifactId>
>   <version>1.3.0</version>
> </dependency>
> <dependency>
>   <groupId>org.apache.sshd</groupId>
>   <artifactId>sshd-contrib</artifactId>
>   <version>1.3.0</version>
> </dependency>
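A small Python model of the ordering flaw the report describes, added here and not part of the issue or of MINA SSHD: the same deny decision is enforced once only in the write path and once on the open flags before the file is opened, and the file system is inspected afterwards. The flag constants are constructed stand-ins for the SFTP open flags, and the files live in a temporary directory.

```python
import os
import tempfile
from pathlib import Path

# Constructed stand-ins for the SFTP open flags SSH_FXF_WRITE / CREAT / TRUNC.
WRITE, CREAT, TRUNC = 0x2, 0x8, 0x10


def _open(path: Path, flags: int) -> int:
    # POSIX semantics: CREAT and TRUNC take effect at open time, before any write.
    os_flags = os.O_RDWR if flags & WRITE else os.O_RDONLY
    if flags & CREAT:
        os_flags |= os.O_CREAT
    if flags & TRUNC:
        os_flags |= os.O_TRUNC
    return os.open(path, os_flags, 0o600)


def write_checked_on_write(path: Path, flags: int, data: bytes, may_modify: bool) -> str:
    """Policy consulted only when bytes arrive: the open has already hit the disk."""
    fd = _open(path, flags)  # file created / truncated before any policy check
    try:
        if not may_modify:
            return "denied"  # client sees 'access denied', but the side effect stays
        os.write(fd, data)
        return "written"
    finally:
        os.close(fd)


def write_checked_on_open(path: Path, flags: int, data: bytes, may_modify: bool) -> str:
    """Policy consulted on the open flags, before the file system is touched."""
    if flags & (WRITE | CREAT | TRUNC) and not may_modify:
        return "denied"  # nothing was created or truncated
    fd = _open(path, flags)
    try:
        os.write(fd, data)
        return "written"
    finally:
        os.close(fd)


def run_scenarios() -> dict:
    """Replay both reported cases (new file, save over existing) for each variant."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, fn in (("on_write", write_checked_on_write), ("on_open", write_checked_on_open)):
            new = Path(tmp, f"new_{name}.txt")
            fn(new, WRITE | CREAT, b"x", may_modify=False)
            existing = Path(tmp, f"existing_{name}.txt")
            existing.write_bytes(b"original content")  # 16 bytes of constructed content
            fn(existing, WRITE | CREAT | TRUNC, b"x", may_modify=False)
            results[name] = {"new_file_exists": new.exists(), "existing_size": existing.stat().st_size}
    return results
```

With the write-path check an empty file appears and the existing file is truncated to 0 bytes despite the denial; with the open-time check neither file is touched.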
--
This message was sent by Atlassian JIRA (v6.3.15#6346)