mina-sshd icon indicating copy to clipboard operation
mina-sshd copied to clipboard

Published 20 hours ago verified publisher icon apache

[Support Request] Read only VirtualFileSystemFactory

Open ThanasisBarekas opened this issue 2 years ago • 1 comments

Hello,

Is it possible to create a read only VirtualFileSystemFactory ? if yes can you please share an example ?

Thank you, Thanasis

ThanasisBarekas avatar Dec 20 '22 19:12 ThanasisBarekas

I looked at that a while ago myself in the context of Gerrit issue 15944. I didn't see immediately how to do that. Perhaps someone more knowledgeable with FileSystems can chime in here.

To enforce read-only SFTP access, another approach might be using a org.apache.sshd.contrib.server.subsystem.sftp.SimpleAccessControlSftpEventListener.READ_ONLY_ACCESSOR. Something like

  SftpSubsystemFactory.Builder builder = new SftpSubsystemFactory.Builder();
  builder.addSftpEventListener(SimpleAccessControlSftpEventListener.READ_ONLY_ACCESSOR);
  server.setSubsystemFactories(Collections.singletonList(builder.build())); // Actually, add the SFTP factory to whatever other factories there are.
  server.setFileSystemFactory(new VirtualFileSystemFactory(rootPath));

Otherwise look at org.apache.sshd.common.file.root.RootedFileSystem. It does have an isReadOnly() method. It might perhaps be necessary to override more methods to make it truly read-only, and you'd need a provider for it, and probably override parts of the VirtualFileSystemFactory to use your own read-only filesystem implementation.

tomaswolf avatar Dec 20 '22 21:12 tomaswolf