This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Finally managed to create a jailed SFTP server, but how secure?


Hi, all Cygwinners!

I've been following this thread with most interest, because I've been
thinking in setting up some kind of chroot'ed  SFTP environment
myself.
The tone of the answers are, however, consistent with what I've
already saw in similar threads in the last months. Yet, I still
consider that this kind of answer is lacking the informative part as
in "It's not secure BECAUSE...".

>From the answers in this and many other threads, and a little
"gray-matter shaking"(tm) I think I can try to put in words all the
implications around this kind of setup. Please feel free to correct
me, as this is also a "confirmation-probe" from myself to the
list-gurus:

1) Chroot-like features are not supported natively in Windows. Not
even close. Period;
2) Chroot, although configurable in the sshd-config, is not
implemented in sshd (or sftp) but in the Cygwin DLL itself. You can,
for example, do a chroot "on demand" with the chroot(1) command in a
bash prompt - see man chroot.
3) From 1) and 2) you can easily guess that any native windows command
couldn't care less about any chroot configuration or command because
it just does not exist in their environment!
4) Only commands compiled for Cygwin, AND accessing the file system
exclusively through the Cygwin POSIX interfaces can (and will) obey
the chroot settings;
5) So, the bottom line is, for the particular SFTP scenario: As long
as you don't give any executable possibilities to the remote users,
you should stay safe. As far as I can tell, SFTP (and SSHD) fits the
scenario in 4).

Now for my own doubt: why is everyone walking (running) away from
making a statement such as 5)? Is there an easy (or difficult,
whatever) way for anyone execute commands in a SFTP command line?

Thanks for your wisdom!
___________
Julio Costa



On Wed, Dec 3, 2008 at 7:29 AM, TheO <idgajelas@yahoo.com> wrote:
>
> Hi again,
>
> I am afraid I have to ask for clarification again :(, I hope this is the last
> time before I am on my own with this:
>
>
>
> >
> > No, you cannot hide it.  It is created by Cygwin itself as a convenience
> > to access the virtual 'cygdrive' directory.  This is one of a number of
> > virtual directories ('/proc' and '/dev' come to mind) that Cygwin supports.
> > See the description of "Special filenames" in the User's Guide for more
> > details.
> >
>
> I understand why all these virtual directories are necessary at the absolute
> '/' root level. But here I refer to /cygdrive which is created inside the jail
> directory, which means in absolute path, /jail/cygdrive (/jail being the root
> of my jail). Inside the jail, only /cygdrive is created, no other virtual
> directories (/proc or /dev/xxx) or files are created.
>
>
>
> >
> > In 1.7, there is a
> > new authentication module that will solve these and other pubkey
> > authentication problems.  But 1.7 is not currently released and it's
> > release date is not decided.
> >
>
> Thanks for this input. I suppose that to be on safe side, I must restrict
> it to password based authentication only if I use the current Cygwin.
>
>
>
> And finally one more question. I am only aware of two subsystems supported
> by sshd more or less implicitely; sftp and shell (interactive logon). Is there
> any other subsystems which are handled by sshd implicitely (without me having
> to add anything to /etc/sshd_config)?
>
> Thanks again.
>
>
>
>
>
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Problem reports:       http://cygwin.com/problems.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
>

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]