mina-dev mailing list archives

From "Guillaume Nodet (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SSHD-731) Vulnerability in SimpleAccessControlSftpEventListener implementation
Date Thu, 29 Jun 2017 09:35:00 GMT

     [ https://issues.apache.org/jira/browse/SSHD-731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Guillaume Nodet updated SSHD-731:
---------------------------------
    Fix Version/s:     (was: 1.5.0)
                   1.6.0

> Vulnerability in SimpleAccessControlSftpEventListener implementation
> --------------------------------------------------------------------
>
>                 Key: SSHD-731
>                 URL: https://issues.apache.org/jira/browse/SSHD-731
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 1.3.0
>            Reporter: Boris Fridland
>            Assignee: Goldstein Lyor
>            Priority: Minor
>             Fix For: 1.6.0
>
>
> After implementing SFTP access control by overriding SimpleAccessControlSftpEventListener and adding it to SftpSubsystemFactory:
> Scenario:
> 1. Set SimpleAccessControlSftpEventListener.isModificationAllowed to return false
> 2. Establish a connection with WinSCP
> 3. Try to create a new file
> Expected result: access denied message + no influence on the file system
> Actual: access denied message + an empty file is written to the server disk.
> In addition, if an existing file is opened and saved, the result is that the file content is removed.
> Attached configuration code:
> {code:java}
> SftpSubsystemFactory.Builder builder = new SftpSubsystemFactory.Builder();
> builder.addSftpEventListener(new SimpleAccessControlSftpEventListener() {
>     // Read access: consult the application's authorization manager for this session's user
>     protected boolean isAccessAllowed(ServerSession session, String remoteHandle, Path localPath)
>             throws IOException {
>         EUserAccessLevel level = authorizationManager.getAccessLevel(session.getUsername());
>         return level.hasReadAccess();
>     }
>
>     // Write access: same lookup, but gated on the write permission
>     protected boolean isModificationAllowed(ServerSession session, String remoteHandle, Path localPath)
>             throws IOException {
>         EUserAccessLevel level = authorizationManager.getAccessLevel(session.getUsername());
>         return level.hasWriteAccess();
>     }
> });
> sshd.setSubsystemFactories(Collections.singletonList(builder.build()));
> sshd.setCommandFactory(new ScpCommandFactory());
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
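The symptom in the report (client sees "access denied", yet an empty or truncated file is left on disk) is what happens when the write-access decision is taken after the file has already been opened with create/truncate semantics. The following is an added, self-contained illustration of that ordering problem and of the check-before-open shape a server should have; it is not code from the report or from MINA SSHD, and `WritePolicy`, `openThenCheck`, `checkThenOpen` and the fixed open-flag set are assumptions of this example rather than MINA's internal call sequence.

```java
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SeekableByteChannel;
import java.nio.charset.StandardCharsets;
import java.nio.file.AccessDeniedException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.util.EnumSet;
import java.util.Set;

import static java.nio.file.StandardOpenOption.*;

/** Hypothetical stand-in for an SFTP write-access hook; not MINA SSHD's listener API. */
interface WritePolicy {
    boolean isModificationAllowed(String user, Path localPath) throws IOException;
}

public class SftpOpenOrderingDemo {

    /** Faulty ordering: open the channel first, consult the policy only when data is written. */
    static void openThenCheck(WritePolicy policy, String user, Path path, byte[] data) throws IOException {
        Set<StandardOpenOption> opts = EnumSet.of(CREATE, WRITE, TRUNCATE_EXISTING); // constructed flags
        // CREATE / TRUNCATE_EXISTING take effect here, before any access decision has been made.
        try (SeekableByteChannel ch = Files.newByteChannel(path, opts)) {
            if (!policy.isModificationAllowed(user, path)) {
                // The client is told "denied", but the file was already created or truncated.
                throw new AccessDeniedException(path.toString());
            }
            ch.write(ByteBuffer.wrap(data));
        }
    }

    /** Correct ordering: decide on the requested open flags before touching the file system. */
    static void checkThenOpen(WritePolicy policy, String user, Path path, byte[] data) throws IOException {
        Set<StandardOpenOption> opts = EnumSet.of(CREATE, WRITE, TRUNCATE_EXISTING); // constructed flags
        boolean modifies = opts.contains(WRITE) || opts.contains(APPEND) || opts.contains(CREATE)
                || opts.contains(CREATE_NEW) || opts.contains(TRUNCATE_EXISTING);
        if (modifies && !policy.isModificationAllowed(user, path)) {
            throw new AccessDeniedException(path.toString()); // nothing on disk has changed
        }
        try (SeekableByteChannel ch = Files.newByteChannel(path, opts)) {
            ch.write(ByteBuffer.wrap(data));
        }
    }

    /** What the denied client left behind: the thing an operator should verify after a denial. */
    static String observe(Path path) throws IOException {
        if (!Files.exists(path)) {
            return "no file";
        }
        return "exists, " + Files.size(path) + " bytes";
    }

    public static void main(String[] args) throws IOException {
        WritePolicy readOnly = (user, p) -> false; // constructed policy: every user is read-only
        Path dir = Files.createTempDirectory("sftp-ordering");
        byte[] original = "original".getBytes(StandardCharsets.UTF_8);
        byte[] payload = "new content".getBytes(StandardCharsets.UTF_8);

        // Case 1: an existing file with content that a read-only user tries to save over.
        Path existing = dir.resolve("report.txt");
        Files.write(existing, original);
        try { openThenCheck(readOnly, "alice", existing, payload); } catch (AccessDeniedException expected) { }
        System.out.println("open-then-check, existing file: " + observe(existing));

        Files.write(existing, original);
        try { checkThenOpen(readOnly, "alice", existing, payload); } catch (AccessDeniedException expected) { }
        System.out.println("check-then-open, existing file: " + observe(existing));

        // Case 2: a read-only user tries to create a brand-new file.
        Path fresh = dir.resolve("new.txt");
        try { openThenCheck(readOnly, "alice", fresh, payload); } catch (AccessDeniedException expected) { }
        System.out.println("open-then-check, new file: " + observe(fresh));

        Files.deleteIfExists(fresh);
        try { checkThenOpen(readOnly, "alice", fresh, payload); } catch (AccessDeniedException expected) { }
        System.out.println("check-then-open, new file: " + observe(fresh));
    }
}
```

Run with `javac SftpOpenOrderingDemo.java && java SftpOpenOrderingDemo`. In the open-then-check path the existing file is truncated and the new file is left behind empty even though the policy denied the write, which is exactly the report's "access denied, but an empty file is on disk" outcome; in the check-then-open path the existing content survives and no new file appears. When verifying a fix for this class of issue, the check to run is the one `observe` performs: after a denied write, confirm that the target neither exists (for a new file) nor changed size or content (for an existing one).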
