Bugzilla – Attachment 2547 Details for
Bug 1844
Explicit file permissions enhancement to sftp-server
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for current upstream version
sftp_force_mode.patch (text/plain), 2.32 KB, created by
Jakub Jelen
on 2015-02-12 20:38:04 AEDT
(
hide
)
Description:
Patch for current upstream version
Filename:
MIME Type:
Creator:
Jakub Jelen
Created:
2015-02-12 20:38:04 AEDT
Size:
2.32 KB
patch
obsolete
>From be4b25b58db5e3135eb847e3d8e2e83bae421920 Mon Sep 17 00:00:00 2001 >From: Jakub Jelen <jjelen@redhat.com> >Date: Thu, 12 Feb 2015 10:14:39 +0100 >Subject: [PATCH] Add ability to force mode in sftp > >--- > sftp-server.c | 21 +++++++++++++++++++-- > 1 file changed, 19 insertions(+), 2 deletions(-) > >diff --git a/sftp-server.c b/sftp-server.c >index 4f735cd..0ec46ed 100644 >--- a/sftp-server.c >+++ b/sftp-server.c >@@ -79,6 +79,10 @@ static int readonly; > /* Requests that are allowed/denied */ > static char *request_whitelist, *request_blacklist; > >+/* Force file permissions */ >+int permforce = 0; >+long permforcemode; >+ > /* portable attributes, etc. */ > typedef struct Stat Stat; > >@@ -693,6 +697,10 @@ process_open(u_int32_t id) > debug3("request %u: open flags %d", id, pflags); > flags = flags_from_portable(pflags); > mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a.perm : 0666; >+ if (permforce == 1) { /* Force perm if -m is set */ >+ mode = permforcemode; >+ (void)umask(0); /* so umask does not interfere */ >+ } > logit("open \"%s\" flags %s mode 0%o", > name, string_from_portable(pflags), mode); > if (readonly && >@@ -1495,7 +1503,7 @@ sftp_server_usage(void) > fprintf(stderr, > "usage: %s [-ehR] [-d start_directory] [-f log_facility] " > "[-l log_level]\n\t[-P blacklisted_requests] " >- "[-p whitelisted_requests] [-u umask]\n" >+ "[-p whitelisted_requests] [-u umask] [-m force_file_perms]\n" > " %s -Q protocol_feature\n", > __progname, __progname); > exit(1); >@@ -1520,7 +1528,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) > pw = pwcopy(user_pw); > > while (!skipargs && (ch = getopt(argc, argv, >- "d:f:l:P:p:Q:u:cehR")) != -1) { >+ "d:f:l:P:p:Q:u:m:cehR")) != -1) { > switch (ch) { > case 'Q': > if (strcasecmp(optarg, "requests") != 0) { >@@ -1580,6 +1588,15 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) > fatal("Invalid umask \"%s\"", optarg); > (void)umask((mode_t)mask); > break; >+ case 'm': >+ /* Force permissions on file received via sftp */ >+ permforce = 1; >+ permforcemode = strtol(optarg, &cp, 8); >+ if (permforcemode < 0 || permforcemode > 0777 || >+ *cp != '\0' || (permforcemode == 0 && >+ errno != 0)) >+ fatal("Invalid file mode \"%s\"", optarg); >+ break; > case 'h': > default: > sftp_server_usage(); >-- >2.1.0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2547">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1844
:
1973
|
2547
|
2872
|
3096
|
3098