Debian Bug report logs - #841237
openssh-server: option to let openssh/sftp force the exact permissions on newly uploaded files

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Raphaël Droz <raphael.droz@gmail.com>

To: submit@bugs.debian.org

Subject: openssh-server: option to let openssh/sftp force the exact permissions on newly uploaded files

Date: Tue, 18 Oct 2016 16:15:41 -0300

Package: openssh-server
Version: 1:6.7p1-5+deb8u3
Severity: wishlist

Dear Maintainer,

Currently when setting up a shared sftp upload space between multiple
users/logins, you can force a proper umask with the -u switch.

This requires that the file at the origin has wide-permissions to start with.
In some cases, users are not skilled enough to set the permissions to be
correct (sigh).

While this could be solved via file/dir ACLs, it is also not entirely trivial
in most environments.

https://bugzilla.redhat.com/show_bug.cgi?id=1191055
https://bugzilla.mindrot.org/show_bug.cgi?id=1844
https://superuser.com/questions/1066554/



Thank you

Message #12 received at 841237@bugs.debian.org (full text, mbox, reply):

From: Raphaël <raphael.droz@gmail.com>

To: 841237@bugs.debian.org

Subject: Re: openssh-server: option to let openssh/sftp force the exact permissions on newly uploaded files

Date: Fri, 10 Mar 2017 12:56:35 -0300

See the latest patch:
https://bugzilla.mindrot.org/attachment.cgi?id=2872&action=diff

Any hope this could be added to Debian custom patches in the next
release?

Message #17 received at 841237@bugs.debian.org (full text, mbox, reply):

From: "Dr. Nagy Elemér Kár oly" <eknagy@omikk.bme.hu>

To: 841237@bugs.debian.org

Subject: openssh-server: force exact permissions on newly uploaded files and directories

Date: Sat, 25 Nov 2017 14:26:18 +0100

Dear Maintainer(s),

The V3 patch (https://bugzilla.mindrot.org/attachment.cgi?id=3096) forces permission on directories as well, builds 
cleanly both with Debian 8 and 9 (openssh-server 1:7.4p1-10+deb9u1 and 1:7.6p1-2) and is a great feature IMHO.

Please integrate.

Elemér

Message #22 received at 841237@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: Dr. Nagy Elemér Kár oly <eknagy@omikk.bme.hu>, 841237@bugs.debian.org

Subject: Re: Bug#841237: openssh-server: force exact permissions on newly uploaded files and directories

Date: Sat, 25 Nov 2017 14:25:49 +0000

On Sat, Nov 25, 2017 at 02:26:18PM +0100, Dr. Nagy Elemér Kár oly wrote:
> The V3 patch (https://bugzilla.mindrot.org/attachment.cgi?id=3096) forces permission on directories as well, builds 
> cleanly both with Debian 8 and 9 (openssh-server 1:7.4p1-10+deb9u1 and 1:7.6p1-2) and is a great feature IMHO.
> 
> Please integrate.

Thanks for the patch, but this sort of thing has to go upstream first.
The reason for this is: what if upstream decided to integrate some other
change that added a -m option with different semantics?  Then I, and
Debian users, would be in a sticky situation with no clear way out.

I have no particular objection to the patch, but there's no point
continuing to promote it on this bug report.

Regards,

-- 
Colin Watson                                       [cjwatson@debian.org]

Message #27 received at 841237@bugs.debian.org (full text, mbox, reply):

From: Mark Gallagher <mark@fts.scot>

To: 841237@bugs.debian.org

Subject: Re: Bug#841237: openssh-server: force exact permissions on newly uploaded files and directories

Date: Thu, 1 Apr 2021 15:28:36 +0100

I'd like to register a vote here. Fedora and therefore RHEL have been 
shipping this patch for 6 years now:

https://src.fedoraproject.org/rpms/openssh/blob/f22/f/openssh-6.7p1-sftp-force-permission.patch

The chances of BSD either upstreaming this patch OR providing a patch 
which behaves differently to this one seems to me to be quite low.

Send a report that this bug log contains spam.