tomaswolf commented on issue #296: URL: https://github.com/apache/mina-sshd/issues/296#issuecomment-1360277406
I looked at that a while ago myself in the context of [Gerrit issue 15944](https://bugs.chromium.org/p/gerrit/issues/detail?id=15944). I didn't see immediately how to do that. Perhaps someone more knowledgeable with FileSystems can chime in here. To enforce read-only SFTP access, another approach might be using a `org.apache.sshd.contrib.server.subsystem.sftp.SimpleAccessControlSftpEventListener.READ_ONLY_ACCESSOR`. Something like ``` SftpSubsystemFactory.Builder builder = new SftpSubsystemFactory.Builder(); builder.addSftpEventListener(SimpleAccessControlSftpEventListener.READ_ONLY_ACCESSOR); server.setSubsystemFactories(Collections.singletonList(builder.build())); // Actually, add the SFTP factory to whatever other factories there are. server.setFileSystemFactory(new VirtualFileSystemFactory(rootPath)); ``` Otherwise look at `org.apache.sshd.common.file.root.RootedFileSystem`. It does have an `isReadOnly()` method. It might perhaps be necessary to override more methods to make it truly read-only, and you'd need a provider for it, and probably override parts of the `VirtualFileSystemFactory` to use your own read-only filesystem implementation. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
