On 03/24/2014 01:23 PM, Reindl Harald wrote:
It's still very difficult to securely process uploaded files under a different
user account. Some SFTP clients set
restrictive permissions on upload, and the OpenSSH implementation does not
allow to bypass that.
man umask
[root@rh:/downloads]$ cat /etc/ssh/sshd_config | grep internal-sftp
Subsystem sftp internal-sftp -u 006
umask doesn't apply to explicit chmod.
--
Florian Weimer / Red Hat Product Security Team
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
