John-Mark Gurney wrote this message on Mon, Oct 19, 2020 at 12:03 -0700: > In one of the projects, I'd like to restirct what files sftp-server > can deliver. The -p, whitelisting requests helps contain the client, > but does not limit what files they have access too. > > If a user has root on their box, they can of course use chroot, but not > every person has root, nor the desire to setup a particular user or > dedicated ssh server for this. > > My thought (and implemented) was to add a simple option to sftp-server > to add a list of files that open is permitted to open. > > The code is available at: > https://www.funkthat.com/gitea/jmg/openssh-portable.git > > on the branch sftp-firewall. > > I wasn't sure what the best way to submit a patch was, so let me know > if there is a better way. Ping, never got a response to this email. Or a direction on where better to send this. I'd be nice to at least get a confirmation that OpenSSH devs are not interested in this patch before I start working on a fork of sftp-server. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
