Discussion: chroot SFTP ONLY
10/11/2006, 02:46   #5
mohamed.zubaidi@gmail.com

Re: chroot SFTP ONLY


Steven Mocking wrote:
> If I recall
> correctly the chroot system call can only be made as root and the
> sftp-server is run as a subsystem request by a user inside the ssh
> session. That's why it's FTP *over* SSH. Before that, there is not
> really something specific which tells you if a session is sftp or shell.
>
> Perhaps you could patch/modify the sftp-server sourcecode to do
> something like
>
> uid_t uid = getuid(); chroot("/path/to/chroot"); chdir("/"); setuid(uid);
>
> very early on in the code. Then make the compiled binary setuid root. Be
> careful though, because there is always the danger of holes with setuid
> root binaries, like users setting LD_LIBRARY_PATH and LD_PRELOAD.


I wanted to patch the session.c only, to make it easier to port (on
hundreds of hybrid UNIX systems), but after reading most of the SSH code
with no clues, I guess you're right: the only way to go would be to patch
the sftp-server.c as well.

The best way to go is to separate sftp users from login ones and chroot
normally (both) as required. But it's worth investigating.

Thanks anyway Steve,
MJ
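As an added example (not code from this thread or from OpenSSH), here is the setuid-root wrapper Steven sketches, written out with the steps his one-liner omits: chdir into the jail, drop groups and gid, use setuid() rather than seteuid() so the saved uid is not left as root, verify the drop, and exec with a clean environment so LD_PRELOAD/LD_LIBRARY_PATH are not inherited. The jail path, the sftp-server path and the status codes are assumptions.

```c
/* Added example, not the thread's code: jail sftp-server and drop root
 * irreversibly. Paths and status codes are assumed for illustration. */
#define _GNU_SOURCE
#include <grp.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

enum jail_status { JAIL_OK = 0, JAIL_ERR_NOT_ROOT, JAIL_ERR_CHROOT,
                   JAIL_ERR_DROP, JAIL_ERR_STILL_ROOT };

/* Real, effective and saved uid all equal and non-zero: the drop cannot
 * be undone. seteuid() alone leaves the saved uid at 0, which fails this. */
int resuid_is_clean(void) {
    uid_t r, e, s;
    if (getresuid(&r, &e, &s) != 0) return 0;
    return r != 0 && r == e && e == s;
}

/* Jail the process in `jail` and permanently become uid/gid. */
enum jail_status jail_and_drop(const char *jail, uid_t uid, gid_t gid) {
    if (geteuid() != 0) return JAIL_ERR_NOT_ROOT;  /* chroot needs root */
    if (chroot(jail) != 0 || chdir("/") != 0) return JAIL_ERR_CHROOT;
    /* Groups and gid first, while still root; setuid() sets all three uids. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0) return JAIL_ERR_DROP;
    if (setuid(uid) != 0) return JAIL_ERR_DROP;
    /* Verify rather than trust: if seteuid(0) succeeds, the drop was
     * reversible and the wrapper must refuse to continue. */
    if (uid == 0 || seteuid(0) == 0 || !resuid_is_clean())
        return JAIL_ERR_STILL_ROOT;
    return JAIL_OK;
}

int main(void) {
    /* Real uid/gid are the logged-in user's; effective uid is root via the
     * setuid bit on this wrapper. */
    if (jail_and_drop("/srv/sftp-jail", getuid(), getgid()) != JAIL_OK) {
        perror("jail_and_drop");
        return 1;
    }
    /* sftp-server and the libraries it needs must exist inside the jail.
     * A minimal envp keeps the caller's LD_* variables out of the child. */
    char *const argv[] = { "sftp-server", NULL };
    char *const envp[] = { "PATH=/bin", NULL };
    execve("/usr/libexec/sftp-server", argv, envp);  /* assumed jail path */
    perror("execve");
    return 1;
}
```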
