Original patch by Ricardo Cerqueira Updated by James Dennis for openssh-3.5 A patch to cause sshd to chroot when it encounters the magic token '/./' in a users home directory. The directory portion before the token is the directory to chroot() to, the portion after the token is the user's home directory relative to the new root. Patch source using: patch -p0 < /path/to/patch Systems with a bad diff (doesn't understand -u or -N) should use gnu diff. Solaris may store this as gdiff under /opt/sfw/bin. I can't say much about other systems (unless you email me your experiences!).
================================================================================
diff -uNr openssh-3.6p1/session.c openssh-3.6p1-chroot/session.c
--- openssh-3.6p1/session.c	Thu Mar 20 20:15:18 2003
+++ openssh-3.6p1-chroot/session.c	Mon Mar 31 13:16:25 2003
@@ -58,6 +58,8 @@
 #include "session.h"
 #include "monitor_wrap.h"
+#define CHROOT
+
 #ifdef HAVE_CYGWIN
 #include
 #include
@@ -1206,6 +1208,12 @@
 void
 do_setusercontext(struct passwd *pw)
 {
+
+#ifdef CHROOT
+	char *user_dir;
+	char *new_root;
+#endif /* CHROOT */
+
 #ifndef HAVE_CYGWIN
 	if (getuid() == 0 || geteuid() == 0)
 #endif /* HAVE_CYGWIN */
@@ -1242,6 +1250,27 @@
 			exit(1);
 		}
 		endgrent();
+
+#ifdef CHROOT
+	user_dir = xstrdup(pw->pw_dir);
+	new_root = user_dir + 1;
+
+	while((new_root = strchr(new_root, '.')) != NULL) {
+		new_root--;
+		if(strncmp(new_root, "/./", 3) == 0) {
+			*new_root = '\0';
+			new_root += 2;
+
+			if(chroot(user_dir) != 0)
+				fatal("Couldn't chroot to user directory %s", user_dir);
+
+			pw->pw_dir = new_root;
+			break;
+		}
+		new_root += 2;
+	}
+#endif /* CHROOT */
+
 # ifdef USE_PAM
 	/*
 	 * PAM credentials may take the form of supplementary groups.
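Review bot: The chroot() call in the @@ -1242,6 +1250,27 @@ hunk is not followed by a chdir, so the process keeps a working directory outside the new root until the later chdir to pw->pw_dir, which is outside this hunk and (if I read the surrounding session code correctly) is not treated as fatal; add `if (chdir("/") != 0) fatal("Couldn't chdir to / after chroot");` directly after the chroot. The target directory is also used without confirming it is root-owned, a directory, and not group/world-writable, which is the property the jail depends on, so a stat() check before chroot() would make that requirement explicit. do_setusercontext begins in the previous hunk and continues after this one, so the remaining setup (the PAM credential block that follows, and the later uid switch) now runs inside the jail and needs whatever it reads present there. The xstrdup()'d user_dir is never freed when no token is found, a small per-login leak, and the unconditional `#define CHROOT` in the first hunk enables the feature for every build rather than via a configure option.
```c
			/* … unchanged: locate the "/./" token, split user_dir / new_root … */
			{
				struct stat st;

				if (stat(user_dir, &st) != 0)
					fatal("Couldn't stat chroot directory %s: %s", user_dir, strerror(errno));
				if (!S_ISDIR(st.st_mode) || st.st_uid != 0 || (st.st_mode & (S_IWGRP | S_IWOTH)) != 0)
					fatal("Bad ownership or modes for chroot directory %s", user_dir);
			}
			if (chroot(user_dir) != 0)
				fatal("Couldn't chroot to user directory %s", user_dir);
			if (chdir("/") != 0)
				fatal("Couldn't chdir to / after chroot");

			pw->pw_dir = new_root;
			break;
```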