Bug 1176 - Cannot set sticky bits via sftp
Summary: Cannot set sticky bits via sftp
Status: CLOSED DUPLICATE of bug 1310
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sftp-server (show other bugs)
Version: 4.3p2
Hardware: Other Linux
: P2 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-03-24 03:12 AEDT by Paul Gotch
Modified: 2008-04-04 09:55 AEDT (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Paul Gotch 2006-03-24 03:12:21 AEDT
Comment 1 Paul Gotch 2006-03-24 03:16:00 AEDT 
It is not possible to set sticky bits via sftp due to the following code in the process_setstat() function in sftp-server.c

if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
    ret = chmod(name, a->perm & 0777);
    if (ret == -1)
         status = errno_to_portable(errno);
}

If the user has shell access then they can execute a chmod command via ssh to get round this therefore even if there is a security reason for doing this it should at least be configurable. If there is a valid security reason for doing this it should be noted in the FAQ.

I found this while attempting to use sshfs, which uses sftp underneath.
Comment 2 Frederik Deweerdt 2007-04-26 19:01:03 AEST 

*** This bug has been marked as a duplicate of bug 1310 ***
Comment 3 Damien Miller 2008-04-04 09:55:22 AEDT 
Close resolved bugs after release.