[scponly] chroot functionality ...

ColinB cbyh at yahoo.com
Mon Mar 21 04:38:09 EST 2005


An extra level of directory setting may be useful.

It is sometimes said that sftp users' home directories should be owned
and only writable by root to prevent a user fiddling with their .ssh
directory or files therein. This means that their home directory can
not be used for file transfer, so they are given a subdirectory which
*is* writable by them. This would require a user to log in and then
immediately "cd" to their subdirectory before they could do anything
useful.

A useful addition to scponly would be the ability to tell scponly to
"cd" to a fixed subdirectory name before invoking the scp command.
Alternatively, it may be more convenient to set the home directory of
*all* users to the same (say) "/public/home", and then have scponly
"cd" into a subdirectory whose name was the same as the $USER env
variable.
 
This would keep the .ssh directory off limits to the sftp user and
would automatically place them in their writable directory when they
logged in.

It could be done by just a small hack to the source code, but it would
be nice to be able to set either scheme at configure time.



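A sketch of the second scheme proposed above (shared base directory plus a per-user subdirectory), added here as an example; it is not code from the post or from scponly. The function names are hypothetical, "/public/home" is the base directory named in the post, and the subdirectory name is taken from the passwd entry for the real UID instead of the $USER variable the post mentions.

```c
#define _POSIX_C_SOURCE 200809L
/* Added example, not scponly source. Function names are hypothetical. */
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Build "<base>/<name>" in out; 0 on success, -1 if rejected. name must be
 * one plain component: no '/', no leading '.' (so "", "..", ".ssh" fail). */
int build_user_subdir(const char *base, const char *name,
                      char *out, size_t outlen)
{
    int n;
    if (base == NULL || base[0] != '/' || name == NULL)
        return -1;
    if (name[0] == '\0' || name[0] == '.' || strchr(name, '/') != NULL)
        return -1;
    n = snprintf(out, outlen, "%s/%s", base, name);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* chdir into the caller's own subdirectory of base. The name is taken from
 * the passwd entry for the real UID rather than from $USER, since an
 * environment variable is only as trustworthy as whatever set it. */
int enter_user_subdir(const char *base)
{
    char path[4096];
    struct stat st;
    struct passwd *pw = getpwuid(getuid());

    if (pw == NULL ||
        build_user_subdir(base, pw->pw_name, path, sizeof path) != 0)
        return -1;
    /* lstat: refuse a symlink at the target. Assumes base is root-owned,
     * so the user cannot swap the entry between this check and chdir. */
    if (lstat(path, &st) != 0 || !S_ISDIR(st.st_mode) || st.st_uid != getuid())
        return -1;
    return chdir(path);
}

int main(void)
{
    /* "/public/home" is the shared base directory suggested in the post. */
    if (enter_user_subdir("/public/home") != 0) {
        fprintf(stderr, "no usable per-user directory, refusing to continue\n");
        return 1;
    }
    return 0;
}
```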


