This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: sshd privsep user still required?
- From: Bill Stewart <bstewart at iname dot com>
- To: cygwin at cygwin dot com
- Date: Wed, 13 Mar 2019 09:58:25 -0600
- Subject: Re: sshd privsep user still required?
- References: <CANV9t=S6LFnDSKiJsL3GpjLNC+srJCAgkScZTiG0yAbxq3b40A@mail.gmail.com> <CANV9t=SWJ_65Y7jgqgDzNkaUPh1YCHfibp6vb+tmvg-wKtPLyQ@mail.gmail.com> <20190313085650.GS3785@calimero.vinschen.de> <CANV9t=Q=HDAoVxjvSp9EqX0GttwxZLW6=OxO6o4eLzs8mejFRQ@mail.gmail.com> <20190313152901.GA18873@calimero.vinschen.de>
On Wed, Mar 13, 2019 at 9:29 AM Corinna Vinschen wrote:
> > However: It's still the case that the user cannot bypass OS security
even
> > if he or she "escapes" from the jail, right?
> >
> > My goal is to restrict sftp browsing on the client side.
> >
> > Using ChrootDirectory with "ForceCommand internal-sftp" in sshd_config
> > seems to accomplish this.
> >
> > Is this not correct?
>
> It seems like it, but I wouldn't bet on it. The fact that /cygdrive and
> /dev directories are still visible inside the chroot jail speaks against
> that.
So to summarize: Even though the fake chroot doesn't increase security, it
doesn't reduce it, either.
In other words, even if the user "escapes" the jail, he or she can still
only do what the underlying OS permits.
Bill
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple