sftpd: explicitly disallow some commands on root directory

It was possible to remove an empty root dir or create a symlink to it. We now return a Permission Denied error if we detect an attempt to remove, renaming or symlinking the root directory
2025-12-07 06:40:54 +03:00 · 2019-12-25 23:37:37 +01:00
parent 489101668c
commit ae812e55af
2 changed files with 45 additions and 6 deletions
--- a/sftpd/sftpd_test.go
+++ b/sftpd/sftpd_test.go
@@ -2406,6 +2406,37 @@ func TestPermsSubDirsCommands(t *testing.T) {
 	os.RemoveAll(user.GetHomeDir())
 }

+func TestRootDirCommands(t *testing.T) {
+	usePubKey := true
+	u := getTestUser(usePubKey)
+	u.Permissions["/"] = []string{dataprovider.PermAny}
+	u.Permissions["/subdir"] = []string{dataprovider.PermDownload, dataprovider.PermUpload}
+	user, _, err := httpd.AddUser(u, http.StatusOK)
+	if err != nil {
+		t.Errorf("unable to add user: %v", err)
+	}
+	client, err := getSftpClient(user, usePubKey)
+	if err != nil {
+		t.Errorf("unable to create sftp client: %v", err)
+	} else {
+		defer client.Close()
+		err = client.Rename("/", "rootdir")
+		if !strings.Contains(err.Error(), "Permission Denied") {
+			t.Errorf("unexpected error renaming root dir: %v", err)
+		}
+		err = client.Symlink("/", "rootdir")
+		if !strings.Contains(err.Error(), "Permission Denied") {
+			t.Errorf("unexpected error symlinking root dir: %v", err)
+		}
+		err = client.RemoveDirectory("/")
+		if !strings.Contains(err.Error(), "Permission Denied") {
+			t.Errorf("unexpected error removing root dir: %v", err)
+		}
+	}
+	httpd.RemoveUser(user, http.StatusOK)
+	os.RemoveAll(user.GetHomeDir())
+}
+
 func TestRelativePaths(t *testing.T) {
 	user := getTestUser(true)
 	path := filepath.Join(user.HomeDir, "/")