Hi again I refactored the patch. It's now more decoupled from the SFTP processing code. All the syscalls used by the processing code now have a proxy instead of having the processing code very jail-aware. With that comes a functional difference: The content of a symlink is not prepended with the jail path. Instead there is also a modified realpath() also used by the other proxy-syscalls. I will try to write tests for it. I don't know how to get full coverage by just using sftp. Help appreciated and any hints on using the existing regression test framework. Regards Dimitri -------------- next part -------------- A non-text attachment was scrubbed... Name: sftp-server-soft-jail.patch Type: text/x-patch Size: 13831 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20140112/d4464c66/attachment-0001.bin>
