From owner-freebsd-security Thu Dec 19 6:33:34 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 25F8D37B401 for ; Thu, 19 Dec 2002 06:33:32 -0800 (PST) Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 651CB43EC5 for ; Thu, 19 Dec 2002 06:33:31 -0800 (PST) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by smtp1.sentex.ca (8.12.6/8.12.6) with ESMTP id gBJEXP0W037318; Thu, 19 Dec 2002 09:33:25 -0500 (EST) (envelope-from mike@sentex.net) Received: from simian.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.12.6/8.12.6) with ESMTP id gBJEYjHY037884; Thu, 19 Dec 2002 09:34:46 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <5.2.0.9.0.20021219093506.046e4660@marble.sentex.ca> X-Sender: mdtpop@marble.sentex.ca (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Thu, 19 Dec 2002 09:36:25 -0500 To: Pawel Jakub Dawidek From: Mike Tancsa Subject: Re: OpenSSH's sftp and chroot Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <20021219142724.GG12563@garage.freebsd.pl> References: <20021122134324.GA24134@nevermind.kiev.ua> <20021122134324.GA24134@nevermind.kiev.ua> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: By Sentex Communications (lava/20020517) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Have you approached the openssh folks about integrating your patch into their tree ? This would be a nice "standard" thing to have ? Or, what about inclusion in the FreeBSD tree ? ---Mike At 03:27 PM 19/12/2002 +0100, Pawel Jakub Dawidek wrote: >On Fri, Nov 22, 2002 at 03:43:24PM +0200, Alexandr Kovalenko wrote: >+> [I'm again not sure, which list is more apropriate place for asking this >+> question] >+> >+> Will OpenSSH's sftp-server have support for chroot anytime soon in >+> RELENG_4{_X} ? Becuase of lack of this feature I have to use ssh.com's >+> ssh, which is what I do not like. > >Look at my patch for OpenSSH 3.4p1: > > http://garage.freebsd.pl/openssh.README > http://garage.freebsd.pl/openssh.tgz > >With this patch You can chroot/jail selected users or groups (see README). > >-- >Pawel Jakub Dawidek >UNIX Systems Administrator >http://garage.freebsd.pl >Am I Evil? Yes, I Am. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message