On Tue, Sep 16, 2003 at 01:38:59AM -0700, Jonathan Walther wrote: > > Someone switched the sshd configuration to use the so-called "chroot" > version of the sftp subsystem. This does not work, it has never worked, > and it CANNOT work. Any project that wants to have an arch repository > needs it to work, including my project. > > sftp has never yet been compromised, and the version of ssh on Savannah > is up to date. The directory permissions are set correctly. What is to > worry about? Noone is able to access anything with sftp they cannot > ALREADY access with ssh.
let me get this straight... savannah users (those who are registered, have valid accounts etc) get a normal full ssh shell account on this machine, not chrooted. sftp only allows connections from these same authenticated real accounts (no `anonymous'), and yet sftp is being chrooted? as a sysadmin myself, ill state that this makes no sense. sftp is only available to the same users who already have a full shell, there is no additional threat from it that is not already present by allowing shell access. -- Ethan Benson http://www.alaska.net/~erbenson/
pgp00000.pgp
Description: PGP signature
_______________________________________________ Savannah-hackers mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/savannah-hackers
