Andy Polyakov, on August 23. 2000, wrote:
  : > If you run ssh-chrootmgr, it will set up the environment for you
  : > so you don't have to deal with this manually.
  : > 
  : > # ssh-chrootmgr username
  : > 
  : > This should do the trick :)
  : 
  : In few cases (most notably on Linux)...

And *BSD, and OSF/1 4.0x. (which we have tried)

  : > Remember, it sets up a chrooted environment for
  : > sftp only.
  : 
  : Why can't you move the call to chroot(2) to sftp-server instead?
  : Comments in ssh-chrootmgr say "copy static binaries to ~/bin." Some
  : modern OSes (Solaris, IRIX to mention a couple) provide very limited
  : support (if any) for static linking. E.g. under Solaris you can't get
  : rid of reference to run-time linker ld.so (at least there is no
  : documented way as they do provide pure statically linked applications in
  : /usr/sbin/static). In such cases you have to copy all the shared
  : libraries those binaries refer to at run-time (in Solaris case meaning
  : that it depends on current CPU arch and locale), as well as run-time
  : linker... In Solaris case you would also have to create /dev/zero which
  : by the way wouldn't work if directory is mounted with nosuid flag. So
  : why not move chroot(2) to sftp-server? At least it shall work on *any*
  : platform and no questions will ever be asked (fingers crossed:-)...

We thought about this long and hard. Problem is that subsystems are
executed with users' privileges, and chroot() doesn't fit that bill
too well. Subsystem is basically a simple command, but it is just treated
specially in the client and server (in that client requests a
subsystem, not a command, and the server can have it configured in
any way it likes). Also (I'm not _absolutely_ sure about this) we would
probably be against the protocol draft, if this modification was made
(executing it with root-privileges). Also, I'm very wary about
executing anything with root privileges, unless the code has been
designed and reviewed and re-reviewed ad nauseam. In short, it is
a pain, because of the extra risk.

So, I don't think we can do this in the near future. Yeah, I'm not
delighted either, but there aren't any good solutions readily
available for this.

BTW, I changed scp and sftp to _not_ try to set the UID and GID of the
remote file when copying with "-p". So bitching about these does have
effect :)

I noticed that HP-UX also "supports" file giveaways...

  : Andy.

-- 
[[EMAIL PROTECTED]          --  Sami J. Lehtinen  --           [EMAIL PROTECTED]]
[work:+358 9 85657425][gsm:+358 50 5170 258][http://www.iki.fi/~sjl]
[SSH Communications Security Corp               http://www.ssh.com/]
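
Added example, not part of the original message and not SSH Communications Security code: a C sketch of the point argued above, that chroot(2) fails with EPERM for a process running with the user's privileges, and of the order a privileged helper has to follow (chroot, chdir, drop groups, gid, then uid) before handing control to user-level code. The function names `jail_and_drop` and `try_jail` are hypothetical, and a Linux/glibc-style POSIX system is assumed.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stddef.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Confine the calling process to `dir`, then irreversibly become uid/gid.
 * Returns 0 on success, or the errno of the first step that failed. */
int jail_and_drop(const char *dir, uid_t uid, gid_t gid)
{
    if (chroot(dir) != 0)                /* EPERM unless the caller is privileged */
        return errno;
    if (chdir("/") != 0)                 /* never keep a cwd outside the new root */
        return errno;
    if (setgroups(0, NULL) != 0)         /* clear supplementary groups while still root */
        return errno;
    if (setgid(gid) != 0)                /* group first: after setuid() this would fail */
        return errno;
    if (setuid(uid) != 0)                /* sets real, effective and saved uid when root */
        return errno;
    if (uid != 0 && setuid(0) == 0)      /* root must not be recoverable afterwards */
        return EPERM;
    return 0;
}

/* Run jail_and_drop() in a child so the caller's own root directory and
 * credentials are untouched; returns the child's result code. */
int try_jail(const char *dir, uid_t uid, gid_t gid)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return errno;
    if (pid == 0)
        _exit(jail_and_drop(dir, uid, gid));
    if (waitpid(pid, &status, 0) < 0)
        return errno;
    return WIFEXITED(status) ? WEXITSTATUS(status) : EINTR;
}
```

Called as an ordinary user, `try_jail("/", getuid(), getgid())` returns EPERM, which is why the chroot step cannot simply be moved into a subsystem that runs with the user's privileges.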
