Mail Archives: cygwin/2008/12/01/16:15:13
On 12/01/2008, TheO wrote:
> According to my observation, regardless of his authentication (public key
> or password), he can only see a limited number of directories within the
> jail environment. The only directory which is virtually added by Cygwin
> during his login, and therefore beyond my control, is /cygdrive. Luckily
> enough for me, it is empty so in my opinion the user can't traverse my
> harddisk.
If you're happy with the results, that's fine. However, you asked how
secure SFTP was. The answer is as I've said. Cygwin is not the O/S.
It cannot enforce restrictions on the O/S. Only the O/S can restrict
or grant access to users.
I have not attempted to set up a jailed SFTP environment on Cygwin. It
may be that what you've done hems the user into the area you want when
he/she is using Cygwin tools. However, this does not restrict the user
with Windows native tools. If he/she is able to leverage those inside
the jail, then the user has the keys he/she wants to get out.
--
Larry Hall http://www.rfk.com
RFK Partners, Inc. (508) 893-9779 - RFK Office
216 Dalton Rd. (508) 893-9889 - FAX
Holliston, MA 01746
_____________________________________________________________________
A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email?
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -