Ubuntu
scponly package

  1. Bug #611400
  2. Activity log

Activity log for bug #611400

Date Who What changed Old value New value Message
2010-07-29 17:36:01 Rafal-maj-it bug added bug
2010-07-29 17:36:17 Rafal-maj-it affects ubuntu scponly (Ubuntu)
2010-07-29 17:36:26 Rafal-maj-it visibility private public
2010-07-29 17:42:25 Rafal-maj-it description scponlyc does not work (can not build chroot for it) Don't know workarounds for scponlyc, other then using INSECURE scponly mod - therefore marking this as security bug. Trying to follow say: http://ubuntuforums.org/showthread.php?t=451510 scponlyc (the CHROOTED version of scponly) does not work on new user, its needed to build dir for chroot. Using the described script does not work: cd /usr/share/doc/scponly/setup_chroot sudo gunzip setup_chroot.sh.gz that script complains that scponlyc is not setup (while it IS set up correctly with that YES option after skipping that warning, all is created, but it does not work it can not find the lib running: /usr/lib/sftp-server failed: /usr/lib/sftp-server with error No such file or directory(2) copying that /usr/lib/sftp-server into chroot is not sufficient to fix this. So I assume the make-chroot-script is not valid there. Then it should be removed or upgraded. Don't know workarounds for scponlyc, other then using INSECURE scponly mod - therefore marking this as security bug. Or for using sftp from ssh (will that work?) and not using scponly at all (but then, is it as good solution?) scponlyc does not work (can not build chroot for it) Don't know workarounds for scponlyc, other then using INSECURE scponly mode - therefore marking this as security bug. scponly 4.8-4 on Ubuntu Lucid 64bit Trying to follow say: http://ubuntuforums.org/showthread.php?t=451510 scponlyc (the CHROOTED version of scponly) does not work on new user, its needed to build dir for chroot. Using the described script does not work: cd /usr/share/doc/scponly/setup_chroot sudo gunzip setup_chroot.sh.gz that script complains that scponlyc is not setup (while it IS set up correctly with that YES option after skipping that warning, all is created, but it does not work it can not find the lib running: /usr/lib/sftp-server failed: /usr/lib/sftp-server with error No such file or directory(2) copying that /usr/lib/sftp-server into chroot is not sufficient to fix this. So I assume the make-chroot-script is not valid there. Then it should be removed or upgraded. Don't know workarounds for scponlyc, other then using INSECURE scponly mod - therefore marking this as security bug. Or for using sftp from ssh (will that work?) and not using scponly at all (but then, is it as good solution?)
2010-07-29 17:43:38 Philip Muškovac tags lucid
2010-08-09 12:56:23 Marc Deslauriers security vulnerability yes no
2010-08-09 12:56:25 Marc Deslauriers bug added subscriber Ubuntu Bugs
2010-08-09 12:56:30 Marc Deslauriers removed subscriber Ubuntu Security Team
2013-05-14 14:57:20 Phillip Susi scponly (Ubuntu): status New Invalid