Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

system commands: recursively verify required permissions

Browse Source 
If any permission is missing at any level, return a "Permission Denied"
error

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2025-09-28 09:34:39 +02:00
parent f4092b9f9e
commit e892748ef4
3 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/sftpd/ssh_cmd.go
View File

@@ -262,7 +262,7 @@ func (c *sshCommand) executeSystemCommand(command systemCommand) error { //nolin
}
perms := []string{dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermCreateDirs, dataprovider.PermListItems,
dataprovider.PermOverwrite, dataprovider.PermDelete}
if !c.connection.User.HasPerms(perms, sshDestPath) {
if !c.connection.User.HasRecursivePerms(perms, sshDestPath) {
return c.sendErrorResponse(c.connection.GetPermissionDeniedError())
}