I'm quoting the whole text, as it has been a while this was posted.
Andy Polyakov, on July 14. 2000, wrote:
: > When my users (including me) try to sftp using the Win-2.2.0.exe
: > program to a 2.2.0 server, the file that they upload gets the error
: > below. The file is also given root:root ownership and perms 0000.
:
: This is outrageous! Following is (relevant) output from 'truss -p
: <sftp-server-pid>' on Solaris box:
:
: unlink("/my/dir/a.txt") = 0
: open("/my/dir/a.txt", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
: fchmod(3, 0) = 0
: fchown(3, 0, 0) Err#1 EPERM
: fchmod(3, 0100666) = 0
: utime("/my/dir/a.txt", 0xEFFFF94C) = 0
: fchmod(3, 0100666) = 0
: utime("/my/dir/a.txt", 0xEFFFF94C) = 0
: close(3) = 0
:
: Well, if Solaris whould let 'fchown(3,0,0)' through then I would also
: get root:root and 0000 perms and the error message... Sometimes I really
: wonder how do they think... To blindly beleive what a windows box say...
: How does uid-gid calculated? How does 666 get calculated? I mean in
: fchmod...
This has absolutely no impact on security. The sftp-server is running
on the user's privileges. I agree it shouldn't by default try to
change the files ownership, but that only leads to an error
message.
If you were root and you were copying a file in a system, and gave a
command like "cp -p ~user_a/archive /system/archive" wouldn't you want
the uid of the file to remain same? That is the logic behind this, but
this will be made an additional option and won't be used with "-p".
: > sftp to 2.0.13 seems to be OK too.
:
: 2.1.0 (server) is flawed.
No. If you don't believe me, please RTFS.
: > ******
: >
: > error output from Win sftp app.
: >
: > file(s); permissions acmodtime
: > Transfer failed with error 7: /home/calvin/check.c: No privileges to
: > change attributes on destination file. (this probably isn't anything,
: > as non-roots rarely can re-set files owner)
: > DONE - 1 Files 2,892 Total
: > Encountered 2 errors.
: >
: > Any ideas or suggestions?
:
: As temporary workaround advice to switch off "preserve original file
: time" in "file transfer" preferences. I wish I could say "file a bug
: report"... but I can't as SSH Communications "... regret that we are
: unable to provide support from SSH Communications for either
: Non-commercial licenses or for University users."
: Well, I myself survive
: and might even share a patch (for the sftp-server naturally:-) with the
: community...
Sorry for the default message, but there is nothing we can do about
it. Myself, I'm no support engineer, but still I read bug reports and
answer the ones that pertain to outstanding bugs etc. Or would you
like to answer every 9 in 10 mails like "Please upgrade your ssh, the
distribution can be found from ftp://ftp.ssh.com/pub/ssh"? You would
be amazed how many people still run versions under 2.0.13 of our
software.
Sending mail to our support-addresses has a meaning, because we try to
fix all outstanding bugs. We can't, if you don't tell us what is
wrong. Even if your mail isn't answered, it will be read.
--
[[EMAIL PROTECTED] -- Sami J. Lehtinen -- [EMAIL PROTECTED]]
[work:+358 9 85657425][gsm:+358 50 5170 258][http://www.iki.fi/~sjl]
[SSH Communications Security Corp http://www.ssh.com/]
