Subject: Re: Permissions problem with mod_sftp

Re: Permissions problem with mod_sftp

From: TJ Saunders <tj_at_castaglia.org>
Date: Tue, 29 May 2012 11:15:49 -0700 (PDT)

> Of course when you've done it we're happy about any seconds you can
> spend on helping improve libssh2!

I looked into this, and tracked down the issue. The libssh2 SFTP library
code always sends file permissions when opening a file, regardless of
whether that file is going to be opened for reading or for writing. And
on the server end, the mod_sftp module always honors any permissions sent
by the client, regardless of whether the file is being opened for reading
or writing.

Arguably this is not the best behavior for both the client and the server
end of things, as the sample case (e.g. using the 'sftp' example program
to download a file from an SFTP server) demonstrates.

I've attached a small libssh2 patch which illustrates one possible
solution for the client end. It makes the libssh2/src/sftp.c:sftp_open()
function a little more aware of the file flags used by the calling
application. Specifically, if a file is being opened only for reading,
then the patch changes the SFTP request such that the permissions are NOT
sent to the server as part of the SFTP OPEN request.

I will also be adjusting the mod_sftp code to do something similar on its
end of things.

Hope this helps,
TJ

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Absence is to love what wind is to fire: it extinguishes the
   small, it enkindles the great.

           -Comte de Bussy-Rabutin

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

Received on 2012-05-29