Finally managed to create a jailed SFTP server, but how secure?

Tue Dec 2 22:19:00 GMT 2008


> I understand.  If SFTP under Cygwin fits your needs and you can live
> with the risks, then you should continue using it.  I certainly don't
> understand your application or its requirements for communication but
> given your description above, it seems to me that 'scp' would serve your
> purpose and wouldn't rely on a limited 'chroot' capabilities.  But I'm
> assuming you've already thought of that and have ruled it out for your
> own reasons.

Yes, SFTP is the only choice for me here. Actually nowadays , at least in my 
organization, SFTP becomes the most preferable method to transfer file securely.
Its popularity leaves behind FTP over VPN and FTP/SSL (another secured version
of FTP).

Unfortunately I can't use 'scp'.

> Good question.  A better one is are you willing to accept the risk?  I also
> want to once again point out that "a restricted FTP subsystem" does not
> have all the same restrictions as it would in a UNIX/Linux environment.
> Only you can decide whether this difference is something you can live
> with.

Risk is exactly my main concern here. That's why I tried myself to find any possible
hole using this set up. I even considered once to use coLinux ( which
offers native Linux inside Windows, but after trying to install it myself I found it
to be too burdensome for my (sob) Windows support team to deploy and maintain it.
Especially when Windows itself is actually running on top of VMWare virtual machine. 
Cygwin seems extremely light in comparison to it and it runs as a normal Win32 process.

I understand that in theory Cygwin, as a normal Win32 process, can't offer more 
protection that what Windows can. Eventhough Windows itself, if properly configured, is
a very secure system. For example, Windows ACL is more complex than the standard 
user/group/other rwx flag on *nix. But don't flame me for saying this please. I don't 
want to start any issue related to Windows vs *nix here.

The thing is as a newbie in Cygwin, I don't know the exact inner working of Cygwin. I
don't know what Cygwin does when it is chroot'ing. I know very little of what it does 
when I log on using public key authentication (it runs under sshd account as opposed to 
user account). I don't know why under chroot setting, Cygwin creates /cygdrive under 
my /jail directory. And I don't know what one can do if he has read access to it. I am
just an ordinary Cygwin user from this perspective with no knowledge of Cygwin internal

That's why I need input from those who have more visibility than me to point me to the
right direction.

I promise to help promote Cygwin in Windows community if I can find a way to make it
as a secure SFTP server :). I am sure a lot of Windows users will prefer Cygwin to other
commercial softwares.

Thanks again.


Unsubscribe info:
Problem reports:

More information about the Cygwin mailing list