Finally managed to create a jailed SFTP server, but how secure?

TheO idgajelas@yahoo.com
Fri Dec 5 19:40:00 GMT 2008


> What about:
> 
> $ sftp localhost
> Connecting to localhost...
> sftp> symlink 'C:\Windows' bar
> sftp> cd bar

Sorry I missed out the ', here we go again with ' this time:

sftp> symlink 'C:\foobar' foobar
sftp> symlink 'C:\windows' windows
sftp> ls -al
drwxr-xr-x    2 root     root            0 Dec  5 19:37 .
drwxr-xr-x    3 root     root            0 Dec  4 16:22 ..
-rw-r--r--    1 root     root           34 Dec  5 15:52 bar
lrwxrwxrwx    1 root     root            4 Dec  5 15:49 foo
lrwxrwxrwx    1 root     root            9 Dec  5 19:37 foobar
sftp> get foobar
Fetching /home/Administrator/foobar to foobar
Couldn't stat remote file: No such file or directory
sftp> cd windows
Couldn't canonicalise: No such file or directory


Same result though


      

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



More information about the Cygwin mailing list