Finally managed to create a jailed SFTP server, but how secure?

TheO idgajelas@yahoo.com
Fri Dec 5 20:15:00 GMT 2008


> 
> THis isn't a question of being good or badly implemented, it's the
> simple fact that it doesn't (and can't) provide what people think it
> does.  Chroot is a bad fake on Cygwin.  Even a super cool implementation
> doesn't change that.
> 

I don't know how chroot is implemented but so far everything looks fine Corinna.
Normal files in C: drive are not visible because they would have to be mapped to
/cygdrive/c/xxx first (and /cygdrive/c doesn't exist).

I think the only possibility too see out of jail is by accessing Windows special
file names like COM1, LPT1 or pipe names. But this is inherent to "Cygwin over Windows"
filesystem not just to chroot.

Fortunately I can live without COM1 or LPT1 (I can remove or disable them).


      

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



More information about the Cygwin mailing list