| Summary: | sftp symlink incorrectly makes target path absolute | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Xin Li <delphij> | ||||||
| Component: | sftp | Assignee: | Damien Miller <djm> | ||||||
| Status: | CLOSED FIXED | ||||||||
| Severity: | normal | CC: | djm | ||||||
| Priority: | P5 | ||||||||
| Version: | 6.2p1 | ||||||||
| Hardware: | Other | ||||||||
| OS: | FreeBSD | ||||||||
| Bug Depends on: | |||||||||
| Bug Blocks: | 2130 | ||||||||
| Attachments: |
|
||||||||
Created attachment 2327 [details]
improved patch
That patch is incorrect - it would break hardlinking. This one only skips the canonicalistion for symlinks.
patch applied - will be in openssh-6.4 Close all resolved bugs after 7.3p1 release |
Created attachment 2319 [details] patch to address sftp chroot symlink issue I'd like to report a possible regression in sftp(1). In earlier OpenSSH versions, when doing 'symlink' over sftp, the system will create a symbolic link with relative path, and now it creates a symbolic link with absolute path. When doing chroot, this would make an unusable symbolic link. The behavior change was introduced in OpenBSD src/usr.bin/ssh/sftp.c,v 1.132 and based on my understanding of the commit log, this is not intentional. How to reproduce: # sftp dtest sftp> symlink ./l1 22 sftp> ^D # ssh dtest "ls -l 22" lrwxr-xr-x 1 delphij delphij 23 Jun 21 17:28 22@ -> /home/delphij/l1 What's expected: lrwxr-xr-x 1 delphij delphij 4 Jun 21 17:25 22@ -> ./l1 The attached patch should fix this.