sFTP exit CZCHKCMD

General discussion of the Co:Z Toolkit
Post Reply
njd
Posts: 39
Joined: Fri Apr 24, 2015 5:57 am

sFTP exit CZCHKCMD

Post by njd »

We want to use exit CZCHKCMD to block all CD commands for COSZFTP's coming into our server. Can we just reject all CWD commands coming in, in the same way that you can with FTP exit FTCHKCMD.

Many thanks,

Nick
dovetail
Site Admin
Posts: 2022
Joined: Thu Jul 29, 2004 12:12 pm

Re: sFTP exit CZCHKCMD

Post by dovetail »

The SFTP protocol doesn't map exactly to FTP. There is actually no CWD command in SFTP, but most SFTP clients with do a SFTP "stat" request for the new directory when you do a CD. Co:Z SFTP server will map a directory "stat" to a CWD when calling the FTP-compatible exit interface.

However -
- Some SFTP clients don't do a stat for a CD command. They might do an "opendir" request.

- If you want to prevent clients from accessing other directories, you also need to trap other requests with for these directories (just like you must with FTP).

If what you want to do is to keep clients from accessing files outside of their home directory, then we ship a optional exit that does this.
See "chkcmd_homedir" in https://dovetail.com/docs/cozinstall/changes.html.
This was added in the release 4.1.0
njd
Posts: 39
Joined: Fri Apr 24, 2015 5:57 am

Re: sFTP exit CZCHKCMD

Post by njd »

Would the chkcmd_homedir exit work with C:Z SFTP Version 2.4.1 (5.0p1)? If the exit would work is it possible to get hold of the sample code?
dovetail
Site Admin
Posts: 2022
Joined: Thu Jul 29, 2004 12:12 pm

Re: sFTP exit CZCHKCMD

Post by dovetail »

You can get the exit by downloading the 4.1.0 release.

The exit *might* work with 2.4.5, but we have not tested it.
(For Enterprise License and Support customers - we provide official support for this exit prior to the 4.1.0 release)
njd
Posts: 39
Joined: Fri Apr 24, 2015 5:57 am

Re: sFTP exit CZCHKCMD

Post by njd »

Many thanks for this. The exit appears to work fine with our release. Is the exit supplied in load module only format? Is the source code also shipped?
Post Reply