This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Finally managed to create a jailed SFTP server, but how secure?
TheO wrote:
Risk is exactly my main concern here.
<snip>
I understand that in theory Cygwin, as a normal Win32 process, can't offer more
protection that what Windows can.
<snip>
The thing is as a newbie in Cygwin, I don't know the exact inner working of Cygwin. I
don't know what Cygwin does when it is chroot'ing. I know very little of what it does
when I log on using public key authentication (it runs under sshd account as opposed to
user account). I don't know why under chroot setting, Cygwin creates /cygdrive under
my /jail directory. And I don't know what one can do if he has read access to it. I am
just an ordinary Cygwin user from this perspective with no knowledge of Cygwin internal
process.
That's why I need input from those who have more visibility than me to point me to the
right direction.
And you've been pointed in that direction. Sorry if it falls short of
your hopes but at the moment at least, that's the best advice we can
give you.
--
Larry Hall http://www.rfk.com
RFK Partners, Inc. (508) 893-9779 - RFK Office
216 Dalton Rd. (508) 893-9889 - FAX
Holliston, MA 01746
_____________________________________________________________________
A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email?
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/