> On 2019-07-15 at 12:24 +0200, Ramón García wrote: > > I am in trouble because sshd refuses to chroot to a directory that is > > writable by users other than the owner. > [...] > > And when one has to work > > with a speficied directory layout, required for compatibility with > > existing applications, it makes it very hard to implement a sftp file > > server. Simply put: tough. If you have to have non-root ownership and/or write permission to the top of the chroot cage, then don't use SFTP. Use ftps, supported by vsftpd, which has a different security model and suports an enitely empty workspace fo FTP-like uploads or downloads. For Linux and UNIX systems, the "vsftpd" daemon does this very well. A genuine ftp or ftps server does not have some of the powerful features of an an SFTP server, but can handle symlinks considerably better. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
