| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=gjwBLqah4xor+gRbgEynBNnMVkzrOX+hUJx96wfqjvUzZTJBfS5Ix | |
| MbT1G+Luo5Ml0UBYQyYU0MMIlhofgvhuu9ZBN0Sp5uW1pvBNQB95d7ZcQ9kazvtP | |
| RcrVzVf4/0CO7DZTnhMDzq1ZPvss2QpbZnt9J5YaUNwkJDCajXEaXs= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=JPXT9qfKNNcyrZ7Bxu4vbXhG2nk=; b=BcbQAHUq0omtnbsPFs2r6IzN3WAc | |
| 3Fa304cWpEWr0u7R8Lag8XuzMp7IExniq4/C5ypFmrf5M7D4WO6yraq7TzjNispe | |
| BjZhVbP/NhpwsdZ0WqXb5u6qUCMvSX4UxqMNjer+hjaJfm3EYa/b19bI7ZHXLdNv | |
| oQr6XicnllFTXXk= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-102.1 required=5.0 tests=AWL,BAYES_00,GOOD_FROM_CORINNA_CYGWIN,KAM_LAZY_DOMAIN_SECURITY,KB_WAM_FROM_NAME_SINGLEWORD,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=queues, D*ru |
| X-HELO: | drew.franken.de |
| Date: | Tue, 28 Nov 2017 15:27:06 +0100 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: [EXTERNAL] Re: Issues hiding /dev virtual directory from SFTP users |
| Message-ID: | <20171128142706.GU547@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <2512145081DA00479295CF769D4C8F350128B3517D AT BNVMMSX0A61086A DOT polysci DOT com> <84854143 DOT 20171128025948 AT yandex DOT ru> <2512145081DA00479295CF769D4C8F350128B364F1 AT BNVMMSX0A61086A DOT polysci DOT com> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <2512145081DA00479295CF769D4C8F350128B364F1@BNVMMSX0A61086A.polysci.com> |
| User-Agent: | Mutt/1.9.1 (2017-09-22) |
--D6z0c4W1rkZNF4Vu
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Please, don't top-post.
On Nov 28 12:50, snorthrop AT moog DOT com wrote:
>> From: Andrey Repin [mailto:anrdaemon AT yandex DOT ru]=20
>> Sent: Monday, November 27, 2017 7:00 PM
>> To: Northrop, Shad <snorthrop AT moog DOT com>; cygwin AT cygwin DOT com
>> Subject: [EXTERNAL] Re: Issues hiding /dev virtual directory from SFTP u=
sers
>>=20
>> Greetings, snorthrop AT moog DOT com!
>>=20
>> > Hello,
>>=20
>> > I am trying to get sftp secured using OpenSSH. I have been able to ja=
il
>> > the users to their home directory and remove the cygdrive virtual dire=
ctory
>> > from showing but I have been unable to get the /dev virtual directory
>> > removed from the users when they SFTP. In the past I have been able t=
o just
>> > add "/dev /null none bind" to the fstab file but that no longer works.
>>=20
>> > Can anyone suggest how I may be able to accomplish this with CYGWIN_NT=
-6.3 and openssh 7.6p 1-1 ?
>>=20
>> If you jail the user to their home directory, they shouldn't be able to =
see
>> the Cygwin root in first place.
>> I don't understand your issue.
>
> Andrey,
>=20
> They are not able to see the cygdrive. They are able to see the /dev
> virtual directory and all of the device mounts within it.
And why do you want to remove that? There's nothing in /dev your users
shouldn't see, but there's stuff in there required for certain
functionality. For instance, bash handles /dev/std{in,out,err} and
people may rely on this. Also, any application using the default paths
for POSIX shmem, semaphores and message queues will stop working.
Corinna
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--D6z0c4W1rkZNF4Vu
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJaHXI6AAoJEPU2Bp2uRE+g8OgQAJ1L2NVLsJI73uU19/yoYF22
mYrojkQ2oheIX6VDZdwyyWXiaFub60/u9Q8vDKpSMXxJBjAaddtxTYHqKWw9SC59
kqdvnhZLoqzmPe9EIYneiJLtsoIOYDxHLMfCf5PGauJ/EWeS26cgIcFLUCXCGrfr
KeJpaqay1NoqA/e7Crav0i+kVGorEvauZZRefUuTOCXCLQoSB0rNe17tA1tZJRGO
viWwvjpfxStbp+xilf/qK4LypziySgI1uv6dL72xh4Agy/YyXcus+GY1Kxlgzl4V
5ier7CJ/xt9+ETuYfIB0RCpjVmuLqr01DL8itkwevLaYujIXj7NDQaZDsYZxoPx4
eNX3ZAXsEDgnN3go9S7ya8EPONI6BFB6ieU/vCNL4YiCFe6WdVfTKQbR5XCJneb9
2MlIr5km1sy1HWMIYP24bbVJ+N6Lm+XwCzNr0Ckkj2CchRQFQM9fGFesupV6bKu5
+Nio0hfg8hmOS//j5FDhwya1JSN3lyCMpAqYy/lHeuiKexb4eqA96gyO8I7JcK+m
iVM6StXztjTK9g/b0SbjjBbIIEINz0ytXVEu+n5AYdyb/tR0vpt0hMRfoaeQ/V/Z
J3KmGHsAps3tHvvkvHiPWWTjzSDX/EchcJ1q17Yr3Cmncbi3VZMvu8x9omQYlYo8
XoXWMa+Nu3D1fOia5EAP
=l0ru
-----END PGP SIGNATURE-----
--D6z0c4W1rkZNF4Vu--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |