Hi Mark and thanks for this bug report. I can see how the flag introduced by the "sftp-force-permissions" patch could come handy, however I doubt we are going to include in the Ubuntu package unless there's a compelling reason for doing so. And if such a compelling reason did exist, then I think it should be brought to the attention of the upstream openssh developers, without delivering the functionality with a distribution specific patch.
My suggestion here is to: - Poke upstream about this. Note that they may have a good rationale for *not* including the patch, given that it's small and they didn't already do so. - File a bug in Debian. The Ubuntu openssh package is almost a sync from Debian, which is another good reason to avoid including an additional delta to it, with all its long-term implications (old memories here: [1]). If Debian includes the patch then Ubuntu will pick it up with the following package syncs or merges. I'm going to triage this as a Wishlist bug for now. This is not a final word, but I doubt the importance of this bug is likely to be bumped without a compelling use case that would be enabled by adding the patch. [1] https://www.debian.org/security/2008/dsa-1571 ** Changed in: openssh (Ubuntu) Status: New => Triaged ** Changed in: openssh (Ubuntu) Importance: Undecided => Wishlist -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1922130 Title: Request addition of Fedora / Redhat "sftp-force-permissions" patch Status in openssh package in Ubuntu: Triaged Bug description: Fedora / Redhat ships openssh with a patch which adds "-m force permission" flag to sftp-server. This is quite a common feature request / support request on the various stackexchange sites - https://superuser.com/questions/332284 /in-sftp-how-to-set-the-default-permission-for-all-files-in-a-folder You will see that someone has answered "add -m" there which is indeed the simplest answer by a distance but unfortunately it's a non standard patch: https://src.fedoraproject.org/rpms/openssh/blob/f34/f/openssh-6.7p1 -sftp-force-permission.patch This I think should supersede #563216 because they have been shipping this in production presumably since at least 2015 (I see it in fedora 22 branch), so it is a known stable patch compared to the one suggested there. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1922130/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
