This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Finally managed to create a jailed SFTP server, but how secure?



TheO wrote:
From what we've seen so far, it seems that SFTP responds as expected.
That is all that I want to know.
From this point forward, we must try to close all other access ways
that does not belong to the scenario... but those are not excuses to
not implement the SFTP chroot.


Actually, my real case is even simpler than this. My SFTP users are all "friendly", they are not unknown to me. It is a cooperative environment and to be honest, I don't believe that they would harm my system by hacking into it.


But I don't want them to poke around and see the content of other directories which
do not concern them, read my config files, see who other users are or list the content
of my C: drive, ...

Yes so far the set up looks as expected. However, I would have preferred better if
/cygdrive was not visible too even if they can't do anything with it. Ideally there
should not be anything which could give them any hint on the type of my platform.

if you are concerned about the "cygdrive" text there is a registry entry where you can set that to whatever you want including "". That is what I do. I would tell you what it is but my windows machine is not here right now. Then when you "ls /" you get /c, /d etc instead of /cygdrive/c, /cygdrive/d, etc.
cheers,
roger wells
I don't know who creates /cygdrive here. It is not required in this chroot'ed environment. My guess, it is created by sftp-server at start up (regardless whether
it runs under chroot'ed environment or not). Maybe someone can confirm this better than
me.




One more thing to add.

According to its RFC (4254), once a session is established, SSH allows the client to specify
anycommand to execute or any subsystem to be spawned on the server side.

But I think I am safe here too because;

1. I only put sftp subsystem in the sshd_config so any other subsystem request will fail.
2. No command can be executed since it requires /bin/bash (or another shell as defined by
   /etc/passwd) to be present in the jail.




--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



-- Roger Wells, P.E. SAIC 221 Third St Newport, RI 02840 401-847-4210 (voice) 401-849-1585 (fax) roger.k.wells@saic.com


-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]