This is the mail archive of the
mailing list for the Cygwin project.
Re: sshd privsep user still required?
- From: Bill Stewart <bstewart at iname dot com>
- To: cygwin at cygwin dot com
- Date: Wed, 13 Mar 2019 09:11:42 -0600
- Subject: Re: sshd privsep user still required?
- References: <CANV9t=S6LFnDSKiJsL3GpjLNC+srJCAgkScZTiG0yAbxq3b40A@mail.gmail.com> <CANV9t=SWJ_65Y7jgqgDzNkaUPh1YCHfibp6vb+tmvg-wKtPLyQ@mail.gmail.com> <20190313085650.GS3785@calimero.vinschen.de>
On Wed, Mar 13, 2019 at 2:57 AM Corinna Vinschen wrote:
> > a) Why is it necessary to specify SYSTEM as user number 0 in the
> > /etc/password file?
> > b) Why is the sshd account required?
> sshd checks for uid 0 and requires the sshd account when chroot is
> > c) Why are /cygdrive and /dev directories visible when connecting using
> > sftp client?
> The Cygwin chroot implementation is pure fake. It's not backed by the
> OS and it's failry easy to break out of the jail. As such, the chroot
> implementation is deprecated and only kept for backward compatibility.
> I suggest not to use it. It gives a wrong sense of security.
Right: I totally understand that Cygwin's chroot implementation does not
add any security (because chroot doesn't exist natively on Windows).
However: It's still the case that the user cannot bypass OS security even
if he or she "escapes" from the jail, right?
My goal is to restrict sftp browsing on the client side.
Using ChrootDirectory with "ForceCommand internal-sftp" in sshd_config
seems to accomplish this.
Is this not correct?
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple