This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Lock down CYGWIN SSH User to single directory.


On Nov 17 20:08, JMCColorado wrote:
> René Berber <r.berber <at> computer.org> writes:
> >   http://chrootssh.sourceforge.net/
> 
> I have heard that CHRoot might work, but I have also heard that it
> still allows someone to SCP outside of where they can SSH to.

The chroot system call only works inside Cygwin.  As soon as Windows
native tools are involved, you've lost since a chroot concept just
doesn't exist on Windows.

> I need to ensure that the user can't get anywhere but the one
> directory I want them to have access to. Unfortunately, with Windows
> giving "Everyone" access to just about everything, this seems very
> difficult to do.
> 
> Any more ideas?

As I said, as the administrator you're resonsible to set the permissions
correctly.  It's not as simple as "everyone has access".  There are
knowledge base articles and white papers from Microsoft about
controlling user access.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]