Hello, In one of the projects, I'd like to restirct what files sftp-server can deliver. The -p, whitelisting requests helps contain the client, but does not limit what files they have access too. If a user has root on their box, they can of course use chroot, but not every person has root, nor the desire to setup a particular user or dedicated ssh server for this. My thought (and implemented) was to add a simple option to sftp-server to add a list of files that open is permitted to open. The code is available at: https://www.funkthat.com/gitea/jmg/openssh-portable.git on the branch sftp-firewall. I wasn't sure what the best way to submit a patch was, so let me know if there is a better way. Thanks. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
