sshd privsep user still required?
Corinna Vinschen
corinna-cygwin@cygwin.com
Wed Mar 13 15:29:00 GMT 2019
On Mar 13 09:11, Bill Stewart wrote:
> On Wed, Mar 13, 2019 at 2:57 AM Corinna Vinschen wrote:
>
> > > a) Why is it necessary to specify SYSTEM as user number 0 in the
> > > /etc/password file?
> > >
> > > b) Why is the sshd account required?
> >
> > sshd checks for uid 0 and requires the sshd account when chroot is
> > requested.
> >
> > > c) Why are /cygdrive and /dev directories visible when connecting using
> a
> > > sftp client?
> >
> > The Cygwin chroot implementation is pure fake. It's not backed by the
> > OS and it's failry easy to break out of the jail. As such, the chroot
> > implementation is deprecated and only kept for backward compatibility.
> > I suggest not to use it. It gives a wrong sense of security.
>
> Right: I totally understand that Cygwin's chroot implementation does not
> add any security (because chroot doesn't exist natively on Windows).
>
> However: It's still the case that the user cannot bypass OS security even
> if he or she "escapes" from the jail, right?
>
> My goal is to restrict sftp browsing on the client side.
>
> Using ChrootDirectory with "ForceCommand internal-sftp" in sshd_config
> seems to accomplish this.
>
> Is this not correct?
It seems like it, but I wouldn't bet on it. The fact that /cygdrive and
/dev directories are still visible inside the chroot jail speaks against
that.
Corinna
--
Corinna Vinschen
Cygwin Maintainer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20190313/58a1d3e5/attachment.sig>
More information about the Cygwin
mailing list