Finally managed to create a jailed SFTP server, but how secure?

Larry Hall (Cygwin)
Tue Dec 2 22:54:00 GMT 2008

TheO wrote:
> Risk is exactly my main concern here. 


> I understand that in theory Cygwin, as a normal Win32 process, can't offer more 
> protection that what Windows can. 


> The thing is as a newbie in Cygwin, I don't know the exact inner working of Cygwin. I
> don't know what Cygwin does when it is chroot'ing. I know very little of what it does 
> when I log on using public key authentication (it runs under sshd account as opposed to 
> user account). I don't know why under chroot setting, Cygwin creates /cygdrive under 
> my /jail directory. And I don't know what one can do if he has read access to it. I am
> just an ordinary Cygwin user from this perspective with no knowledge of Cygwin internal
> process.
> That's why I need input from those who have more visibility than me to point me to the
> right direction.

And you've been pointed in that direction.  Sorry if it falls short of
your hopes but at the moment at least, that's the best advice we can
give you.

Larry Hall                    
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
216 Dalton Rd.                          (508) 893-9889 - FAX
Holliston, MA 01746


A: Yes.
 > Q: Are you sure?
 >> A: Because it reverses the logical flow of conversation.
 >>> Q: Why is top posting annoying in email?

Unsubscribe info:
Problem reports:

More information about the Cygwin mailing list