upstream: better terminology for permissions; feedback & ok markus@
OpenBSD-Commit-ID: ff2a71803b5ea57b83cc3fa9b3be42b70e462fb9
This commit is contained in:
parent
fc270baf26
commit
473b4af43d
|
@ -1,4 +1,4 @@
|
||||||
.\" $OpenBSD: sftp-server.8,v 1.28 2019/11/30 07:07:59 jmc Exp $
|
.\" $OpenBSD: sftp-server.8,v 1.29 2020/06/22 05:53:26 djm Exp $
|
||||||
.\"
|
.\"
|
||||||
.\" Copyright (c) 2000 Markus Friedl. All rights reserved.
|
.\" Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||||
.\"
|
.\"
|
||||||
|
@ -22,7 +22,7 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.Dd $Mdocdate: November 30 2019 $
|
.Dd $Mdocdate: June 22 2020 $
|
||||||
.Dt SFTP-SERVER 8
|
.Dt SFTP-SERVER 8
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -35,8 +35,8 @@
|
||||||
.Op Fl d Ar start_directory
|
.Op Fl d Ar start_directory
|
||||||
.Op Fl f Ar log_facility
|
.Op Fl f Ar log_facility
|
||||||
.Op Fl l Ar log_level
|
.Op Fl l Ar log_level
|
||||||
.Op Fl P Ar blacklisted_requests
|
.Op Fl P Ar denied_requests
|
||||||
.Op Fl p Ar whitelisted_requests
|
.Op Fl p Ar allowed_requests
|
||||||
.Op Fl u Ar umask
|
.Op Fl u Ar umask
|
||||||
.Ek
|
.Ek
|
||||||
.Nm
|
.Nm
|
||||||
|
@ -99,20 +99,20 @@ performs on behalf of the client.
|
||||||
DEBUG and DEBUG1 are equivalent.
|
DEBUG and DEBUG1 are equivalent.
|
||||||
DEBUG2 and DEBUG3 each specify higher levels of debugging output.
|
DEBUG2 and DEBUG3 each specify higher levels of debugging output.
|
||||||
The default is ERROR.
|
The default is ERROR.
|
||||||
.It Fl P Ar blacklisted_requests
|
.It Fl P Ar denied_requests
|
||||||
Specify a comma-separated list of SFTP protocol requests that are banned by
|
Specify a comma-separated list of SFTP protocol requests that are banned by
|
||||||
the server.
|
the server.
|
||||||
.Nm
|
.Nm
|
||||||
will reply to any blacklisted request with a failure.
|
will reply to any denied request with a failure.
|
||||||
The
|
The
|
||||||
.Fl Q
|
.Fl Q
|
||||||
flag can be used to determine the supported request types.
|
flag can be used to determine the supported request types.
|
||||||
If both a blacklist and a whitelist are specified, then the blacklist is
|
If both denied and allowed lists are specified, then the denied list is
|
||||||
applied before the whitelist.
|
applied before the allowed list.
|
||||||
.It Fl p Ar whitelisted_requests
|
.It Fl p Ar allowed_requests
|
||||||
Specify a comma-separated list of SFTP protocol requests that are permitted
|
Specify a comma-separated list of SFTP protocol requests that are permitted
|
||||||
by the server.
|
by the server.
|
||||||
All request types that are not on the whitelist will be logged and replied
|
All request types that are not on the allowed will be logged and replied
|
||||||
to with a failure message.
|
to with a failure message.
|
||||||
.Pp
|
.Pp
|
||||||
Care must be taken when using this feature to ensure that requests made
|
Care must be taken when using this feature to ensure that requests made
|
||||||
|
@ -122,7 +122,7 @@ Query protocol features supported by
|
||||||
.Nm .
|
.Nm .
|
||||||
At present the only feature that may be queried is
|
At present the only feature that may be queried is
|
||||||
.Dq requests ,
|
.Dq requests ,
|
||||||
which may be used for black or whitelisting (flags
|
which may be used to deny or allow specific requests (flags
|
||||||
.Fl P
|
.Fl P
|
||||||
and
|
and
|
||||||
.Fl p
|
.Fl p
|
||||||
|
|
Loading…
Reference in New Issue