Date: Wed, 03 Dec 2008 03:01:25 -0800
From: Brian Dessent <brian@dessent.net>
To: cygwin@cygwin.com
Subject: Re: Finally managed to create a jailed SFTP server, but how secure?

Julio Emanuel wrote:

> 4) Only commands compiled for Cygwin, AND accessing the file system
> exclusively through the Cygwin POSIX interfaces can (and will) obey
> the chroot settings;

This is not valid reasoning; as Eric Blake already pointed out, you can
still access files outside of a chroot even if you're still going
through the Cygwin DLL by using Win32-style pathnames, since Cygwin
passes those through untouched.  Whether or not you can trick the sftp
code into letting such a filename through remains to be seen, but the
point here is that just because the access occurs via the Cygwin API
doesn't mean the chroot is absolute.

Brian
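
One way a jailed file service could screen client-supplied names for the Win32-style pathnames described in this message, before they ever reach the Cygwin DLL. This is an added example, not code from the post, OpenSSH or Cygwin; `classify_path` and `jail_path_allowed` are hypothetical names, the sample names are constructed, and rejecting every backslash is an assumed, deliberately strict policy.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Why a client-supplied name was classified the way it was (for logging). */
enum path_kind {
    PATH_POSIX,     /* nothing Win32-looking found             */
    PATH_EMPTY,     /* NULL or empty string                    */
    PATH_DRIVE,     /* drive-letter form: C:, C:/dir, c:file   */
    PATH_UNC,       /* two leading separators: //server/share  */
    PATH_BACKSLASH  /* any other name containing a backslash   */
};

static bool is_sep(char c) { return c == '/' || c == '\\'; }

/* Classify a name by its syntax only; nothing is opened or resolved. */
enum path_kind classify_path(const char *p)
{
    if (p == NULL || p[0] == '\0')
        return PATH_EMPTY;
    if (isalpha((unsigned char)p[0]) && p[1] == ':')
        return PATH_DRIVE;
    if (is_sep(p[0]) && is_sep(p[1]))
        return PATH_UNC;
    if (strchr(p, '\\') != NULL)
        return PATH_BACKSLASH;
    return PATH_POSIX;
}

/* Hypothetical gate: only plain POSIX-looking names may go on to open(). */
bool jail_path_allowed(const char *p)
{
    return classify_path(p) == PATH_POSIX;
}

int main(void)
{
    /* Constructed sample names, not taken from the thread. */
    const char *samples[] = { "/pub/report.txt", "C:\\Windows\\win.ini",
                              "c:/Users", "//server/share/x",
                              "\\\\server\\share", "dir\\file", "/pub/a:b" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-22s %s\n", samples[i],
               jail_path_allowed(samples[i]) ? "allow" : "reject");
    return 0;
}
```

The check is purely syntactic, so it belongs in front of the chroot rather than in place of it.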


