This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Remove user access to local drives?
- From: "Ehud Karni" <ehud at unix dot mvs dot co dot il>
- To: skatingrox2 at gmail dot com
- Cc: cygwin at cygwin dot com
- Date: Thu, 1 Mar 2007 16:28:15 +0200
- Subject: Re: Remove user access to local drives?
- References: <loom.20070227T203610-344@post.gmane.org>
- Reply-to: ehud at unix dot mvs dot co dot il
On Tue, 27 Feb 2007 19:37:25, Francis wrote:
>
> I am running a OpenSSH server for some friends on my machine, and I was hoping
> to disable access to /cygdrive (local drives.) Is there a way to prevent them
> from modifying any files also? this is intended just as a SSH tunneling method
> to get us around some Websense.
I have restricted ssh users to a some directory with some commands only
on GNU/Linux by using `chroot' and restricted shell (bash). This won't
work on Cygwin, because there is no `chroot' jail (not supported by the
underlying OS).
You have 2 options:
1. Use the /etc/passwd to specify your own shell which will check the
input and execute only the allowed commands (by being filter to a
shell or by calling `system').
2. Use cgf advice and restrict the ssh user to one command only (by the
authorized_keys file which will be a filter (same as in 1). This has
some drawbacks on Cygwin (unlike UNIX), but for your purpose it is
not significant.
Ehud.
--
Ehud Karni Tel: +972-3-7966-561 /"\
Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign
Insurance agencies (USA) voice mail and X Against HTML Mail
http://www.mvs.co.il FAX: 1-815-5509341 / \
GnuPG: 98EA398D <http://www.keyserver.net/> Better Safe Than Sorry
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/