delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2008/12/03/10:04:17

X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
References: <664060 DOT 6380 DOT qm AT web34704 DOT mail DOT mud DOT yahoo DOT com> <933558 DOT 98400 DOT qm AT web34705 DOT mail DOT mud DOT yahoo DOT com> <4934527E DOT 2070200 AT cygwin DOT com> <961872 DOT 64997 DOT qm AT web34701 DOT mail DOT mud DOT yahoo DOT com> <493568B8 DOT 3010308 AT cygwin DOT com> <49376 DOT 99112 DOT qm AT web34702 DOT mail DOT mud DOT yahoo DOT com> <20081202231141 DOT GA5449 AT ednor DOT casa DOT cgf DOT cx> <451120 DOT 45664 DOT qm AT web34703 DOT mail DOT mud DOT yahoo DOT com> <4935DD4B DOT 7050907 AT cygwin DOT com> <690548 DOT 2534 DOT qm AT web34702 DOT mail DOT mud DOT yahoo DOT com> <af075b00812030245m2b64cae2q4601c63424da611 AT mail DOT gmail DOT com> <49366705 DOT 5D2D6371 AT dessent DOT net> <940072 DOT 24685 DOT qm AT web34702 DOT mail DOT mud DOT yahoo DOT com> <49368561 DOT A8EAD4CF AT dessent DOT net> <371457 DOT 93288 DOT qm AT web34704 DOT mail DOT mud DOT yahoo DOT com> <49368C19 DOT 3060705 AT byu DOT net>
Date: Wed, 3 Dec 2008 07:03:31 -0800 (PST)
From: TheO <idgajelas AT yahoo DOT com>
Subject: Re: Finally managed to create a jailed SFTP server, but how secure?
To: Eric Blake <ebb9 AT byu DOT net>, cygwin AT cygwin DOT com
MIME-Version: 1.0
Message-ID: <378707.37220.qm@web34701.mail.mud.yahoo.com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com 

> 

> And what about Brian's other point - if sshd has a security bug like a
> buffer overrun (shudder, but possible - look at how often openssh has been
> updated over the years to fix security holes as soon as someone identifies
> one)
>

Such hole would affect all OpenSSH implementation. Even the Linux version.
Am I correct?


      

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019