[Bug 286337] Re: Please backport OpenSSH 5.1 to Hardy

[Ray Robert]

Stability is an important value in a server, but it's not the only
value.

Offering SFTP in a limited directory tree is a common server function.
The claim that there is no security value in offering a version of
OpenSSH with simplified SFTP chroot is rather disingenuous.  The Ubuntu
position appears to be:

  (a) Go to one of our shorter-lived releases and do that part right; just give up the stability value
  (b) Use tedious workarounds involving building chroot jails for each user
  (c) Force users to downgrade to FTP (a la Windows) which can easily be chrooted
  (d) Some other Linux distros are even further behind the curve so suck it up and enjoy

It's not clear what criteria Ubuntu is using to decide what to backport.
But a package like this that is central to many servers' purposes ought
to a prime candidate, particularly when there's no architectural reason
why it can't be backported easily.  See Siegfried's site.

-- 
Please backport OpenSSH 5.1 to Hardy
https://bugs.launchpad.net/bugs/286337
You received this bug notification because you are a member of Ubuntu
Backports Testing Team, which is subscribed to Hardy Backports.