subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Sperling <>
Subject Re: ssh+svn vs. bash security bug?
Date Thu, 25 Sep 2014 08:08:31 GMT
On Wed, Sep 24, 2014 at 07:30:57PM -0400, Nico Kadel-Garcia wrote:
> Setting up a chroot for Subversion for just this purpose gets...
> potentially adventuresome. The maintainers of OpenSSH have generically
> refused to support chroot changes, so it's a bit awkward to even set
> up. Various folks have published patches or integration kits to
> support genuine chroot cages: heck, even I used to publish patches for
> OpenSSH to provide them.

I have to admit that while I did successfully chroot svnserve with
svn:// once, I've never tried to chroot svn+ssh://

But I'd be surprised if OpenSSH was making this difficult.
The ChrootDirectory configuration option of OpenSSH won't do?
If so, why not?

Upgrading bash is a better solution to this particular problem,
of course, but using a chroot containing the minimum components
could still be a good idea in general.

View raw message