This patch has been around for several years. I used to be more diligent about maintaining it but lately I have been slacking off. I'll try to release updates when new versions of openssh appear, but no guarantees.
patch for openssh that allows a system administrator to set the umask on sftp sessions and to control whether the client may issue chown and chmod commands in an sftp session. You may optionally designate a umask that overrides any server, client or environment umasks. This is useful in cases where you want to enforce a strict file creation mode and you want to prohibit users from being able to change file permissions on existing files. An example is a web development server that contains a common folder where many users upload and modify content. The chown/chmod feature is useful in cases where you want to prohibit ftp clients from changing ownership of public area files.
This patch supersedes the popular sftplogging patch for openssh versions 4.4p1 and higher.
This patch is designed for Unix-based operating systems.
List of distributions that include this patch:
System admins will be interested in my description of how to build your own S3- and EBS-backed AMIs for AWS EC2 using vanilla CentOS installation discs and running your own stock CentOS kernel: See here: http://amazonaws.michael--martinez.com
System admins/Desktop Support/IT Helpdesk people will be interested in my tutorial on how to build a useful, multifunction, multiboot USB Stick: Utility USB Stick
More details about the history of the patch, who uses it, and the author are given in the sftplogging link above.
------------------ ANNOUNCEMENTS ----------------------
May 21, 2011. Sorry it's been a while since I updated the patch. I'll try to get to it soon.
May 21, 2011. Added link to my homepage
March 15, 2010. released openssh-5.4p1.sftpfilecontrol-v1.3.patch
January 29, 2010. released openssh-5.3p1.sftpfilecontrol-v1.3.patch
March 30, 2009. released openssh-5.2p1.sftpfilecontrol-v1.3.patch
January 4, 2009. v1.3 release. Compatibility fix for AIX users. It appears that the C compiler on AIX does not support "//" comment delimiter so I replaced this with the standard delimiter.
October 12, 2008. Released openssh-5.1p1.sftpfilecontrol-v1.2.patch
June 10, 2008. Released openssh-5.0p1.sftpfilecontrol-v1.2.patch
March 19, 2007. Released openssh-4.6p1.sftpfilecontrol-v1.2.patch
March 19, 2007. v1.2 release. Compatibility fix. On Solaris, getenv() does not return NULL, it returns a pointer to a null string.
You may download the patch here: http://sftpfilecontrol.sourceforge.net/download
You may read about the author here: http://sftplogging.sourceforge.net/abouttheauthor.html
You may contact the author here: Michael Martinez email@example.com