[scponly] Relative listing outside scponlyc chroot jail allowed?
Jan Mazáč
jan at hifi-web.com
Sat Sep 22 09:09:57 EDT 2007
Hello Kaleb,
thanks for your quick reply.
On 22.9.2007, at 2:17, Kaleb Pederson wrote:
> That sounds like a problem with the chroot / kernel. I don't have
> a Mac to test against, but it definitely doesn't behave like that
> on my Linux box. It's also hard to imagine that a bug like that
> could exist.... What does the
> passwd entry look like for that user?
On Mac OS X the /etc/passwd file contains only system users such as root,
sshd, mailman, mysql, etc. User management is done either in NetInfo
or in the LDAP-based Open Directory. In either case I edit any user
related information using the GUI app Workgroup Manager. In my case both
servers are using Open Directory for the users I want to jail.
Both cases though have the respective users' "homeDirectory" attribute
set to "/Users/SomeUser/Sites//" including the double slash (as well
as the "NFSHomeDirectory" attribute). Also their login shell was changed
from the default /bin/bash to /opt/local/sbin/scponlyc, and
/opt/local/sbin/scponlyc (as well as /opt/local/bin/scponly) was added to the
/etc/shells file — as recommended by the original article from my
previous email. I believe this is the correct setup. That would be, in my
opinion, supported by the fact that some chroot jailing is being
done — the inability to cd .. up from the chroot jail, for example. Of course
I could be wrong..
> I would be interested in looking at any debug output you can
> provide. It might also help somebody else to attempt to reproduce
> it with a Mac.
Here is a sample from my secure.log (ssh related info goes there
instead of to system.log on Mac OS X) with loglevel 2:
Sep 22 14:39:32 host sshd[5612]: Accepted password for SomeUser from XXX.XXX.XXX.XXX port 47150 ssh2
Sep 22 14:39:32 host sshd[5615]: subsystem request for sftp
Sep 22 14:39:32 host scponly[5616]: chrooted binary in place, will chroot()
Sep 22 14:39:32 host scponly[5616]: 3 arguments in total.
Sep 22 14:39:32 host scponly[5616]: arg 0 is scponlyc
Sep 22 14:39:32 host scponly[5616]: arg 1 is -c
Sep 22 14:39:32 host scponly[5616]: arg 2 is /usr/libexec/sftp-server
Sep 22 14:39:32 host scponly[5616]: opened log at LOG_AUTHPRIV, opts 0x00000029
Sep 22 14:39:32 host scponly[5616]: retrieved home directory of "/Users/2sproduction/Sites//" for user "2swebadmin"
Sep 22 14:39:32 host scponly[5616]: chrooting to dir: "/Users/SomeUser/Sites"
Sep 22 14:39:32 host scponly[5616]: chdiring to dir: "/"
Sep 22 14:39:32 host scponly[5616]: setting uid to 1072
Sep 22 14:39:32 host scponly[5616]: processing request: "/usr/libexec/sftp-server"\n
Sep 22 14:39:32 host scponly[5616]: Found "HOME" and setting it to "/Users/SomeUser/Sites//"
Sep 22 14:39:32 host scponly[5616]: Environment contains "HOME=/Users/SomeUser/Sites//"
Sep 22 14:39:32 host scponly[5616]: set HOME environment variable to / username: SomeUser(1072), IP/port: 213.220.221.246 47150 22
Sep 22 14:39:32 host scponly[5616]: running: /usr/libexec/sftp-server (username: SomeUser(1072), IP/port: 213.220.221.246 47150 22)
Issuing the "ls .." command (the one that lists outside the chroot jail) in
the sftp session does not generate any log entry.
>
> If you manually chroot to your chroot directory, do you see the
> same behavior with ls?
I don't know exactly what I'm supposed to try. Issuing
sudo chroot -u SomeUser /Users/SomeUser/Sites/ /usr/local/sbin/scponlyc
does nothing, and the same goes for
sudo chroot -u SomeUser /Users/SomeUser/Sites/ /usr/libexec/sftp-server
but I'm not really familiar with using the chroot command.
jan
::: jan mazáč ::: www.hifi-web.com ::: +420 603 295 975 :::
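The log above shows how scponlyc interprets the double slash in the home directory: the part before "//" becomes the chroot() root and the part after it becomes the directory to chdir() into inside the jail (here "/Users/SomeUser/Sites" and "/"). The following is an added example, not code from scponly or from the poster, that reproduces that split, parses a scponly debug session from log text and checks that the chroot()/chdir() it logged are consistent with the home directory, and computes the host-side path where the requested sftp-server binary must exist for the chrooted exec to work at all. The sample log lines are constructed from the mail (wrapped paths rejoined, user name normalised to SomeUser); the "//" delimiter convention is taken from the log lines themselves.

```python
import re

# Patterns for the scponly debug lines (loglevel 2) that describe one session.
HOME_RE = re.compile(r'retrieved home directory of "([^"]*)" for user "([^"]*)"')
CHROOT_RE = re.compile(r'chrooting to dir: "([^"]*)"')
CHDIR_RE = re.compile(r'chdiring to dir: "([^"]*)"')
REQ_RE = re.compile(r'processing request: "([^"]*)"')

# Constructed sample: the session from the mail with line-wrapped paths joined
# back together and the user name normalised. Not real log output.
SAMPLE_LOG = """\
Sep 22 14:39:32 host scponly[5616]: chrooted binary in place, will chroot()
Sep 22 14:39:32 host scponly[5616]: retrieved home directory of "/Users/SomeUser/Sites//" for user "SomeUser"
Sep 22 14:39:32 host scponly[5616]: chrooting to dir: "/Users/SomeUser/Sites"
Sep 22 14:39:32 host scponly[5616]: chdiring to dir: "/"
Sep 22 14:39:32 host scponly[5616]: setting uid to 1072
Sep 22 14:39:32 host scponly[5616]: processing request: "/usr/libexec/sftp-server"
"""


def split_scponly_home(home):
    """Split a scponlyc-style home directory on its first '//'.

    Left of the delimiter is the jail root passed to chroot(); right of it is
    the directory inside the jail passed to chdir() (empty means '/').  A home
    directory without '//' is used whole as the jail root, starting at '/'.
    """
    idx = home.find("//")
    if idx == -1:
        return home.rstrip("/") or "/", "/"
    root = home[:idx].rstrip("/") or "/"
    sub = "/" + home[idx + 2:].strip("/")
    return root, sub


def check_session(log_text):
    """Parse one scponly session from debug log text.

    Returns a dict with the user, the jail root and start directory that were
    actually logged, whether they match what the home directory asked for, and
    the host-side path at which the requested binary has to exist (the exec
    happens after chroot(), so '/usr/libexec/sftp-server' resolves to
    '<jail root>/usr/libexec/sftp-server' on the real filesystem).
    """
    home = user = chroot = chdir = request = None
    for line in log_text.splitlines():
        m = HOME_RE.search(line)
        if m:
            home, user = m.group(1), m.group(2)
            continue
        m = CHROOT_RE.search(line)
        if m:
            chroot = m.group(1)
            continue
        m = CHDIR_RE.search(line)
        if m:
            chdir = m.group(1)
            continue
        m = REQ_RE.search(line)
        if m:
            request = m.group(1)
    if home is None or chroot is None or chdir is None:
        raise ValueError("incomplete scponly session in log text")

    exp_root, exp_sub = split_scponly_home(home)
    host_path = None
    if request is not None:
        host_path = chroot.rstrip("/") + "/" + request.lstrip("/")
    return {
        "user": user,
        "home": home,
        "jail_root": chroot,
        "start_dir": chdir,
        "chroot_matches_home": chroot == exp_root and chdir == exp_sub,
        "request_host_path": host_path,
    }


if __name__ == "__main__":
    result = check_session(SAMPLE_LOG)
    for key, value in result.items():
        print(f"{key}: {value}")
```

If "chroot_matches_home" is false, the home directory attribute and what scponlyc did disagree and the jail root is not what the administrator expects; if the file at "request_host_path" (and the libraries it needs) does not exist on the host, the exec inside the jail cannot succeed, which is the first thing to verify before looking for a chroot escape.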