That sounds great. It would be even greater if it was in the config file and supported POSIX ACLs, too.
From Phone
________________________________
From: openssh-unix-dev <openssh-unix-dev-bounces+herbie.robinson=stratus.com@mindrot.org> on behalf of Dmitry Belyavskiy <dbelyavs@redhat.com>
Sent: Friday, December 16, 2022 7:29:03 AM
To: OpenSSH Devel List <openssh-unix-dev@mindrot.org>
Subject: [EXTERNAL] Permissions of the files and directory created by sftp-server.
[.EXTERNAL SENDER: This email originated from outside of Stratus Technologies. Do not click links or open attachments unless you recognize the sender and know the content is safe.]
Dear colleagues,
I want to draw your attention to this proposal:
https://github.com/openssh/openssh-portable/pull/351<https://github.com/openssh/openssh-portable/pull/351>
This is to add two options (-m and -M) to sftp-server in order to force the
permission of the files and directory created by sftp-server. Some
applications have a requirement for the permission of the files and
directories which are created by the sftp-server.
Now, some permission can be excluded by -u option, but the base permission
comes from the original permission on the client side. And, it cannot be
controlled by the sftp-server side completely.
The -m option is for files, and the -M option is for directories.
The patch is partially implemented and as downstream in RH-based
distributions and works quite well.
--
Dmitry Belyavskiy
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev<https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
From Phone
________________________________
From: openssh-unix-dev <openssh-unix-dev-bounces+herbie.robinson=stratus.com@mindrot.org> on behalf of Dmitry Belyavskiy <dbelyavs@redhat.com>
Sent: Friday, December 16, 2022 7:29:03 AM
To: OpenSSH Devel List <openssh-unix-dev@mindrot.org>
Subject: [EXTERNAL] Permissions of the files and directory created by sftp-server.
[.EXTERNAL SENDER: This email originated from outside of Stratus Technologies. Do not click links or open attachments unless you recognize the sender and know the content is safe.]
Dear colleagues,
I want to draw your attention to this proposal:
https://github.com/openssh/openssh-portable/pull/351<https://github.com/openssh/openssh-portable/pull/351>
This is to add two options (-m and -M) to sftp-server in order to force the
permission of the files and directory created by sftp-server. Some
applications have a requirement for the permission of the files and
directories which are created by the sftp-server.
Now, some permission can be excluded by -u option, but the base permission
comes from the original permission on the client side. And, it cannot be
controlled by the sftp-server side completely.
The -m option is for files, and the -M option is for directories.
The patch is partially implemented and as downstream in RH-based
distributions and works quite well.
--
Dmitry Belyavskiy
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev<https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev