This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Finally managed to create a jailed SFTP server, but how secure?


> 
> THis isn't a question of being good or badly implemented, it's the
> simple fact that it doesn't (and can't) provide what people think it
> does.  Chroot is a bad fake on Cygwin.  Even a super cool implementation
> doesn't change that.
> 

I don't know how chroot is implemented but so far everything looks fine Corinna.
Normal files in C: drive are not visible because they would have to be mapped to
/cygdrive/c/xxx first (and /cygdrive/c doesn't exist).

I think the only possibility too see out of jail is by accessing Windows special
file names like COM1, LPT1 or pipe names. But this is inherent to "Cygwin over Windows"
filesystem not just to chroot.

Fortunately I can live without COM1 or LPT1 (I can remove or disable them).


      

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]