[scponly] why does sftp (scponly?) allow me to cd into directories I shouldn't be able to?

Paul Hyder Paul.Hyder at noaa.gov
Wed Jun 28 19:23:12 EDT 2006


Good point.  Does indeed seem to be an interesting sftp "feature".  When
I sftp to a host without scponly the cd to a 0700 directory doesn't
generate any errors.

The best place (perhaps the only place) to get an answer would be the
openssh email list.

    Paul Hyder
    NOAA Earth System Research Laboratory, Global Systems Division
    Boulder, CO

Ensel Sharon wrote:
> In unix file permissions, if a directory is 0700, and I am not the owner,
> or a member of the group, I cannot cd into that directory.  The end.
> 
> So I am _very_ surprised to find that when an scponlyc chrooted user uses
> sftp to connect to an scponly server, they can cd into others' incoming
> directories, even though those incoming dirs are 0700.
> 
> Now, they can't see the contents of them, which is good (phew) but why can
> they cd into them at all?  Unix permissions say that they _most
> certainly cannot_.
> 
> Is this some behavior of sftp, wherein if it sees a directory, and you
> tell it to cd there, it pretends that it does, or assumes that it does,
> even though it cannot?
> 
> As far as file access and cd'ing even deeper into the (wrong) users'
> incoming directory, it behaves the way I think it should, but why can sftp
> go into the first level of others' incoming directories?
> 
> 
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
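
Added example, not part of the original thread: the OpenSSH sftp client's `cd` does not chdir on the server; it resolves the path and stats it to confirm it is a directory, and stat needs search permission only on the parent directories. The Python code below reproduces that difference locally on a constructed directory with mode 0000, which denies its owner the way 0700 denies other users; `probe` and `demo` are hypothetical names.

```python
import os
import shutil
import stat
import tempfile


def probe(path):
    """Report which operations the current user can perform on `path`."""
    result = {"stat_ok": False, "is_dir": False, "list_ok": False, "chdir_ok": False}
    try:
        # stat() needs search (x) permission on the parent directories only,
        # not on `path` itself.
        st = os.stat(path)
        result["stat_ok"] = True
        result["is_dir"] = stat.S_ISDIR(st.st_mode)
    except OSError:
        pass
    try:
        # Listing needs read (r) permission on `path` itself.
        os.listdir(path)
        result["list_ok"] = True
    except OSError:
        pass
    cwd = os.getcwd()
    try:
        # A real chdir needs search (x) permission on `path` itself.
        os.chdir(path)
        result["chdir_ok"] = True
    except OSError:
        pass
    finally:
        os.chdir(cwd)
    return result


def demo():
    """Constructed stand-in for another user's 0700 incoming directory."""
    base = tempfile.mkdtemp()
    locked = os.path.join(base, "incoming")
    os.mkdir(locked)
    # Mode 0000 denies the owner the same way 0700 denies other users.
    os.chmod(locked, 0)
    try:
        return probe(locked)
    finally:
        os.chmod(locked, 0o700)
        shutil.rmtree(base)


if __name__ == "__main__":
    print(demo())
```

Run as root, all three operations succeed because root bypasses these permission checks.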



