Finally managed to create a jailed SFTP server, but how secure?

Corinna Vinschen
Fri Dec 5 14:14:00 GMT 2008

On Dec  5 10:43, Julio Emanuel wrote:
> If it is so, Corinna, maybe the implementation is in a bit better
> shape than you remember? Can you confirm that this is result from
> chroot implementation in cygwin dll? (just morbid curiosity, at this
> stage :)

THis isn't a question of being good or badly implemented, it's the
simple fact that it doesn't (and can't) provide what people think it
does.  Chroot is a bad fake on Cygwin.  Even a super cool implementation
doesn't change that.

>  But regarding this SFTP
> implementation, what I (and TheO too, I suppose) want to know is not
> the myriad of ways that security can go wrong; but only if the chroot
> filtering (strictly inside of SFTP implementation) is honored.

Given that chroot is implemented within Cygwin, SFTP has nothing to do
with it.  However, this is EOD for me.  You have been warned.  Feel
free to use it, but I, for one, wouldn't.


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

Unsubscribe info:
Problem reports:

More information about the Cygwin mailing list