From f074600ba3bc98d3d009aa8576bd6f9b3d16294d Mon Sep 17 00:00:00 2001 From: dtucker Date: Sat, 9 Jan 2010 11:24:33 +0000 Subject: - djm@cvs.openbsd.org 2010/01/09 00:20:26 [sftp-server.c sftp-server.8] add a 'read-only' mode to sftp-server(8) that disables open in write mode and all other fs-modifying protocol methods. bz#430 ok dtucker@ --- sftp-server.8 | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'sftp-server.8') diff --git a/sftp-server.8 b/sftp-server.8 index ee73c345..84036922 100644 --- a/sftp-server.8 +++ b/sftp-server.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp-server.8,v 1.17 2009/08/31 21:01:29 djm Exp $ +.\" $OpenBSD: sftp-server.8,v 1.18 2010/01/09 00:20:26 djm Exp $ .\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 31 2009 $ +.Dd $Mdocdate: January 9 2010 $ .Dt SFTP-SERVER 8 .Os .Sh NAME @@ -30,7 +30,7 @@ .Nd SFTP server subsystem .Sh SYNOPSIS .Nm sftp-server -.Op Fl eh +.Op Fl ehR .Op Fl f Ar log_facility .Op Fl l Ar log_level .Op Fl u Ar umask @@ -81,6 +81,12 @@ performs on behalf of the client. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR. +.It Fl R +Places this instance of +.Nm +into a read-only mode. +Attempts to open files for writing, as well as other operations that change +the state of the filesystem will be denied. .It Fl u Ar umask Sets an explicit .Xr umask 2 -- cgit v1.2.1