From dcff5810a11195c57e1b3343c0d6b6f2b9974c11 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Thu, 22 Jan 2015 20:24:41 +0000 Subject: upstream commit Provide a warning about chroot misuses (which sadly, seem to have become quite popular because shiny). sshd cannot detect/manage/do anything about these cases, best we can do is warn in the right spot in the man page. ok markus --- sshd_config.5 | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/sshd_config.5 b/sshd_config.5 index 88fe90193..3b809c28d 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.189 2015/01/13 07:39:19 djm Exp $ -.Dd $Mdocdate: January 13 2015 $ +.\" $OpenBSD: sshd_config.5,v 1.190 2015/01/22 20:24:41 deraadt Exp $ +.Dd $Mdocdate: January 22 2015 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -330,8 +330,10 @@ The default is Specifies the pathname of a directory to .Xr chroot 2 to after authentication. -All components of the pathname must be root-owned directories that are -not writable by any other user or group. +At session startup +.Xr sshd 8 +checks that all components of the pathname are root-owned directories +which are not writable by any other user or group. After the chroot, .Xr sshd 8 changes the working directory to the user's home directory. @@ -368,6 +370,13 @@ inside the chroot directory on some operating systems (see .Xr sftp-server 8 for details). .Pp +For safety, it is very important that the directory heirarchy be +prevented from modification by other processes on the system (especially +those outside the jail). +Misconfiguration can lead to unsafe environments which +.Xr sshd 8 +cannot detect. +.Pp The default is not to .Xr chroot 2 . .It Cm Ciphers -- cgit v1.2.3