Date: Thu, 17 Nov 2005 21:52:55 +0100 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Re: Lock down CYGWIN SSH User to single directory. Message-ID: <20051117205255.GZ3462@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References:

Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.4.2i Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com On Nov 17 20:08, JMCColorado wrote: > René Berber computer.org> writes: > > http://chrootssh.sourceforge.net/ > > I have heard that CHRoot might work, but I have also heard that it > still allows someone to SCP outside of where they can SSH to. The chroot system call only works inside Cygwin. As soon as Windows native tools are involved, you've lost since a chroot concept just doesn't exist on Windows. > I need to ensure that the user can't get anywhere but the one > directory I want them to have access to. Unfortunately, with Windows > giving "Everyone" access to just about everything, this seems very > difficult to do. > > Any more ideas? As I said, as the administrator you're resonsible to set the permissions correctly. It's not as simple as "everyone has access". There are knowledge base articles and white papers from Microsoft about controlling user access. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/