[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-announce] [download] SFTP disabled
From: |
Ineiev |
Subject: |
[Savannah-announce] [download] SFTP disabled |
Date: |
Mon, 27 Nov 2023 11:22:15 +0000 |
Hello,
Recently, we've found a vulnerability in our SFTP setup, and couldn't
fix it otherwise than completely disabling SFTP. This affects
uploading files to the *download* host, namely, the download area
and audio-video.gnu.org.
The files still can be uploaded using SCP. What SCP can't do is
removing erroneously uploaded files. Before enabling SFTP back in
2022, Savannah admins removed such files manually on request, but
these days, we added restricted commands, *rm* and *rmdir*, that can
be run via SSH to that end. For specific examples, please check
Savannah documentation on uploading files,
https://savannah.nongnu.org/maintenance/DownloadArea/
Sorry for the inconvenience, and thank you for your work
on free software!
signature.asc
Description: PGP signature
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-announce] [download] SFTP disabled,
Ineiev <=