You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Lyor Goldstein (Jira)" <ji...@apache.org> on 2020/07/28 14:11:00 UTC
[jira] [Work started] (SSHD-1042) Command Limiting Policy
SSH_FXP_READDIR closing connection
[ https://issues.apache.org/jira/browse/SSHD-1042?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Work on SSHD-1042 started by Lyor Goldstein.
--------------------------------------------
> Command Limiting Policy SSH_FXP_READDIR closing connection
> ----------------------------------------------------------
>
> Key: SSHD-1042
> URL: https://issues.apache.org/jira/browse/SSHD-1042
> Project: MINA SSHD
> Issue Type: New Feature
> Reporter: Shahbaz
> Assignee: Lyor Goldstein
> Priority: Major
> Attachments: apache rmdir.PNG, maverick filesystem.PNG
>
>
> *This are the below commands which prevent the execution of process for the user at instance level relating to permission of open, read, write, opendir, readdir, remove, rename, makedir, removedir respectively.*
> *SSH_FXP_OPEN*
> *SSH_FXP_READ*
> *SSH_FXP_WRITE*
> *SSH_FXP_OPENDIR*
> *SSH_FXP_READDIR*
> *SSH_FXP_REMOVE*
> *SSH_FXP_RENAME*
> *SSH_FXP_MKDIR*
> *SSH_FXP_RMDIR*
> *But the command for* *SSH_FXP_READDIR is not executed as it directly closes the connection. This connection is closed because while throwing the exception it directly calls destroy method from filesystem. Is there any workaround to inhibit its execution when we extend sftpsubsytem class where exception is thrown.***
> *While reading the directory when SH_FXP_READDIR is applied, the operation is interrupted, as it evokes the destroy function to close the connection directly when an IOException is thrown. The issue is how can we make sure the destroy function is not called, when exception is thrown in a class which extends SFTPSubsystem.*
>
> *Exact working scenarios of the above issue:*
> We have our implementation of Command Limiting Policy to prevent specific IP addresses or users from executing
> certain commands on an SFTP server.
> After validation of the policy, we don't want user to perform the operation based on the command which is applied on the policy.
> For example: When the SSH_FXP_OPENDIR is invoked, the user is restricted from open directory operation.
> Our issue is related to command SSH_FXP_READDIR command.
> Expected Behaviour : Prevent user from reading the directory when sftp ls command is executed, by giving the message like "Unable to read the directory".
> But we see that, though we throw AcessDeniedException on validating the policy, the connection is getting closed, and we get an error as "Connection closed".
> We have the same implementation for validating the policy and we throw AcessDeniedException in case of all the sftp commands(if we need to prevent the user/ip)
> We find that all the sftp commands work as expected, except SSH_FXP_READDIR. The difference we find is that destroy() method in SFTP Subsystem is getting invoked after our policy validation in SSH_FXP_READDIR. In case of all other commands, we dont see destro() getting invoked.
>
> Is there any specific thing that needs to be handled in our implementation to prevent destroy() from getting invoked and connection getting closed. We are unable to find why destroy() is invoked in case of SSH_FXP_READDIR command, even though AcessDeniedException is thrown from our implementation.
>
>
>
> *Below attached are the images which shows how destroy is invoked in both maverick and apache case.*
>
>
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org