Bug 440043 - request to add chroot sftp capabilty into openssh-server
request to add chroot sftp capabilty into openssh-server
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: openssh (Show other bugs)
4.0
All Linux
medium Severity medium
: rc
: ---
Assigned To: Tomas Mraz
Brian Brock
: FutureFeature
Depends On:
Blocks: 440240
  Show dependency treegraph
 
Reported: 2008-04-01 10:40 EDT by Marcelo Giles
Modified: 2010-10-22 19:38 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-10-17 04:26:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marcelo Giles 2008-04-01 10:40:36 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b4pre) Gecko/2008030315 Red Hat/3.0b4pre-0.beta3.4.el5 Minefield/3.0b4pre

Description of problem:
Customer is requesting, for security reasons, that we add chroot capability to our sshd server, more specifically for sftp.

Upstream OpenSSH software version 4.9 recently incorporated this feature.

See release notes and man pages:

http://openssh.org/txt/release-4.9
http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config 

Can we backport this feature into our current version of the openssh-server package for RHEL?

Version-Release number of selected component (if applicable):


How reproducible:
Always


Steps to Reproduce:
1. Use of current OpenSSH RHEL software

Actual Results:
No chroot environment built in configuration options.

Expected Results:
An openssh-server capable of built in chroot configuration options.

Additional info:
Comment 1 Tomas Mraz 2008-04-02 07:42:04 EDT
Given the state of maintenance of RHEL-4 I am not sure this is appropriate
feature for backport. It would also have to be backported to RHEL-5 first so we
wouldn't regress feature-wise.
Comment 3 Christopher J. Buckley 2009-04-09 08:50:06 EDT
(In reply to comment #1)
> Given the state of maintenance of RHEL-4 I am not sure this is appropriate
> feature for backport. It would also have to be backported to RHEL-5 first so we
> wouldn't regress feature-wise.

Would you consider backporting it to RHEL5, Thomas?

Thanks,
Chris
Comment 4 Tomas Mraz 2009-04-09 09:34:19 EDT
Yes, it will be part of 5.4 if QA goes well. See bug 440420

Note You need to log in before you can comment on or make changes to this bug.