Finally managed to create a jailed SFTP server, but how secure?

TheO idgajelas@yahoo.com
Fri Dec 5 19:37:00 GMT 2008


> What about:
> 
> $ sftp localhost
> Connecting to localhost...
> sftp> symlink 'C:\Windows' bar

    sftp> symlink C:\foobar foobar
    sftp> symlink C:\windows windows
    
sftp> ls -al
    drwxr-xr-x    2 root     root            0 Dec  5 19:31 .
    
drwxr-xr-x    3 root     root            0 Dec  4 16:22 ..
    
-rw-r--r--    1 root     root           34 Dec  5 15:52 bar
    
lrwxrwxrwx    1 root     root            4 Dec  5 15:49 foo
    
lrwxrwxrwx    1 root     root            8 Dec  5 19:30 foobar
    
lrwxrwxrwx    1 root     root            9 Dec  5 19:31 windows
    sftp> get foobar
    Fetching /home/Administrator/foobar to foobar
    Couldn't stat remote file: No such file or directory
    sftp> cd windows
    Couldn't canonicalise: No such file or directory

The command symlink worked but the actual access didn't


      

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



More information about the Cygwin mailing list