[ https://issues.apache.org/jira/browse/SSHD-731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Work on SSHD-731 started by Goldstein Lyor.
-------------------------------------------

> Vulnerability in SimpleAccessControlSftpEventListener implementation
> ---------------------------------------------------------------------
>
>                 Key: SSHD-731
>                 URL: https://issues.apache.org/jira/browse/SSHD-731
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 1.3.0
>            Reporter: Boris Fridland
>            Assignee: Goldstein Lyor
>            Priority: Minor
>
> After implementing sftp access control by overriding
> SimpleAccessControlSftpEventListener and adding it to SftpSubsystemFactory:
>
> Scenario:
> 1. set SimpleAccessControlSftpEventListener.isModificationAllowed to return false
> 2. Establish connection with WinScp
> 3. try to create new file
>
> expected result: access denied message + no influence on file system
> actual: access denied message + empty file is written to server disk.
> In addition, if an existing file is opened and being saved --> result is that
> the file content is removed.
>
> Attached configuration code:
> {code:java}
> import java.io.IOException;
> import java.nio.file.Path;
> import java.util.Collections;
>
> import org.apache.sshd.server.scp.ScpCommandFactory;
> import org.apache.sshd.server.session.ServerSession;
> import org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory;
> import org.apache.sshd.server.subsystem.sftp.SimpleAccessControlSftpEventListener;
>
> // sshd (SshServer) and authorizationManager / EUserAccessLevel are the reporter's own objects
> SftpSubsystemFactory.Builder builder = new SftpSubsystemFactory.Builder();
> builder.addSftpEventListener(new SimpleAccessControlSftpEventListener() {
>     @Override
>     protected boolean isAccessAllowed(ServerSession session, String remoteHandle, Path localPath)
>             throws IOException {
>         EUserAccessLevel level = authorizationManager.getAccessLevel(session.getUsername());
>         return level.hasReadAccess();
>     }
>
>     @Override
>     protected boolean isModificationAllowed(ServerSession session, String remoteHandle, Path localPath)
>             throws IOException {
>         EUserAccessLevel level = authorizationManager.getAccessLevel(session.getUsername());
>         return level.hasWriteAccess();
>     }
> });
>
> sshd.setSubsystemFactories(Collections.singletonList(builder.build()));
> sshd.setCommandFactory(new ScpCommandFactory());
> {code}

--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
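The symptoms in the report (an empty file left behind on a denied create, and an existing file emptied on a denied save) are exactly what happens when a server opens the target with CREATE/TRUNCATE_EXISTING and only then asks the access policy. The following is an added, self-contained illustration of that ordering problem using plain `java.nio.file`; it is not code from the MINA SSHD project or from the reporter, and the report itself does not state the root cause inside SSHD 1.3.0. `WritePolicy`, `openForWriteCheckAfter`, `openForWriteCheckBefore` and the temporary file names are hypothetical names chosen for this example.

```java
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SeekableByteChannel;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.util.EnumSet;
import java.util.Set;

/** Hypothetical stand-in for a write-authorization policy (not an SSHD API). */
interface WritePolicy {
    boolean isModificationAllowed(String user, Path localPath);
}

public class CheckOrderingDemo {

    // Option set an SFTP server typically uses for "open for write, create if missing, truncate".
    private static final Set<OpenOption> WRITE_CREATE_TRUNC = EnumSet.of(
            StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);

    private static final byte[] PAYLOAD = "client data".getBytes(StandardCharsets.UTF_8);

    /**
     * Defective ordering: the channel is opened first, so the file is created or
     * truncated before the policy is consulted. Denial comes too late to undo that.
     */
    static boolean openForWriteCheckAfter(WritePolicy policy, String user, Path target) throws IOException {
        try (SeekableByteChannel ch = Files.newByteChannel(target, WRITE_CREATE_TRUNC)) {
            if (!policy.isModificationAllowed(user, target)) {
                return false; // "access denied", but the side effect already happened
            }
            ch.write(ByteBuffer.wrap(PAYLOAD));
            return true;
        }
    }

    /**
     * Correct ordering: authorize before any side-effecting operation on the file system.
     * A denied request leaves no trace.
     */
    static boolean openForWriteCheckBefore(WritePolicy policy, String user, Path target) throws IOException {
        if (!policy.isModificationAllowed(user, target)) {
            return false; // nothing has touched the disk yet
        }
        try (SeekableByteChannel ch = Files.newByteChannel(target, WRITE_CREATE_TRUNC)) {
            ch.write(ByteBuffer.wrap(PAYLOAD));
            return true;
        }
    }

    public static void main(String[] args) throws IOException {
        Path dir = Files.createTempDirectory("sftp-ordering-demo"); // constructed scratch area
        WritePolicy denyAll = (user, path) -> false;                 // models isModificationAllowed() == false
        byte[] original = "original content".getBytes(StandardCharsets.UTF_8);

        // 1. Denied create with the check after open: an empty file is left behind.
        Path newAfter = dir.resolve("new-check-after.txt");
        boolean allowed = openForWriteCheckAfter(denyAll, "alice", newAfter);
        System.out.println("check-after, new file: allowed=" + allowed
                + " exists=" + Files.exists(newAfter) + " size=" + Files.size(newAfter));

        // 2. Denied save over an existing file with the check after open: content is truncated to 0 bytes.
        Path existingAfter = dir.resolve("existing-check-after.txt");
        Files.write(existingAfter, original);
        allowed = openForWriteCheckAfter(denyAll, "alice", existingAfter);
        System.out.println("check-after, existing file: allowed=" + allowed
                + " size=" + Files.size(existingAfter) + " (was " + original.length + ")");

        // 3. Same two requests with the check before open: no file created, content untouched.
        Path newBefore = dir.resolve("new-check-before.txt");
        allowed = openForWriteCheckBefore(denyAll, "alice", newBefore);
        System.out.println("check-before, new file: allowed=" + allowed + " exists=" + Files.exists(newBefore));

        Path existingBefore = dir.resolve("existing-check-before.txt");
        Files.write(existingBefore, original);
        allowed = openForWriteCheckBefore(denyAll, "alice", existingBefore);
        System.out.println("check-before, existing file: allowed=" + allowed
                + " size=" + Files.size(existingBefore) + " (was " + original.length + ")");
    }
}
```

Run it with `java CheckOrderingDemo.java` (JDK 11 or later). Cases 1 and 2 reproduce the two observations from the report: a zero-byte file appears after a denied create, and an existing file is emptied after a denied save. Cases 3 and 4 show the behaviour the reporter expected. The practical check when auditing an access-control hook like `SimpleAccessControlSftpEventListener` is therefore not only whether the denial is returned to the client, but whether the hook runs before the server has already created, truncated or renamed anything on disk.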