X-Recipient: archive-cygwin@delorie.com X-SWARE-Spam-Status: No, hits=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: sourceware.org Message-ID: <4BB54303.70900@gmail.com> Date: Fri, 02 Apr 2010 02:06:11 +0100 From: Dave Korn User-Agent: Thunderbird 2.0.0.17 (Windows/20080914) MIME-Version: 1.0 To: cygwin@cygwin.com Subject: Re: How to properly set up a chrooted environment References: <20100401201915.GA3964@ghost.local.lan> <4BB50186.5060003@redhat.com> <20100401204654.GA9237@ghost.local.lan> In-Reply-To: <20100401204654.GA9237@ghost.local.lan> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com On 01/04/2010 21:46, d.sastre.medina wrote: > And this is just for testing/learning purposes and fun. That's of course fine; anything you run for yourself in your own private network isn't a problem, but it's worth being explicit about this: >> There is no manual for chroot on cygwin, because no one here recommends >> doing it for anything serious. I would never recommend exposing *any* Cygwin server to the internet-at-large at all, ever. Although Cygwin doesn't introduce any vulnerabilities into applications that don't already have them, it does make it significantly more likely that you can escalate your privileges anywhere you can log in even as a restricted user. cheers, DaveK -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple