X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:references:in-reply-to:from:date
	:message-id:subject:to:content-type; q=dns; s=default; b=VUyHfjn
	4vMrPqGCBQbnpz0qMES21Pd//qMY4hW/N+dEvMzU4evodK/zSQwgXlb11K+XxwdX
	PPtUcfI653DPdjy+f5t/vUHMwlv/ULX6U81OmNkGv9QRoFDjWYfGUh1NIuZXIVDq
	RL+a6dfZaGDuEVGerlEQ3d7TI+0yv+p/+dos=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:references:in-reply-to:from:date
	:message-id:subject:to:content-type; s=default; bh=Zh/z0ezCDO8mB
	FhK+t2X8qDDQQQ=; b=tSVDIOzE/eZVvU/rLfchgiGvSw2X4N7sGrGWf4z1sN7IT
	B3l/FEP9o34MFh6dRuK4f/CgRtJXZ/F88nIYdFY9Q3Qn74wxUMCFfYG+wZO7FObp
	d6gDn6o39L8+a7JqBVw1gC2nESL9gMGrFkOcaX7qrgND5QZTvI7NYspnkuYlsg=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.1 spammy=H*c:alternative, she
X-HELO: mout.gmx.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mail.com;	s=dbd5af2cbaf7; t=1552492734;	bh=e7SNC1xfELcXmBKXqkmlEgMGRMlHvnQxvAfssVZA0pg=;	h=X-UI-Sender-Class:References:In-Reply-To:From:Date:Subject:To;	b=riPKRyu6QpHnon9u9mN+KrRtv/8M79IuEKBZ4r0ypqpv2eG8iM9muhEv9K29JiWfg	 MugGgs1SgYomBEtVVAI48uXkAjMgwaamkNKQqT1bev8N57KXnsGf6y5Iwcpx1Ak7w8	 CFRKd2vBUH8F068gDgm5/P7mPSLIprR+JuAw2p8Y=
X-UI-Sender-Class: 214d933f-fd2f-45c7-a636-f5d79ae31a79
MIME-Version: 1.0
References: <CANV9t=S6LFnDSKiJsL3GpjLNC+srJCAgkScZTiG0yAbxq3b40A@mail.gmail.com> <CANV9t=SWJ_65Y7jgqgDzNkaUPh1YCHfibp6vb+tmvg-wKtPLyQ@mail.gmail.com> <20190313085650.GS3785@calimero.vinschen.de> <CANV9t=Q=HDAoVxjvSp9EqX0GttwxZLW6=OxO6o4eLzs8mejFRQ@mail.gmail.com> <20190313152901.GA18873@calimero.vinschen.de>
In-Reply-To: <20190313152901.GA18873@calimero.vinschen.de>
From: Bill Stewart <bstewart@iname.com>
Date: Wed, 13 Mar 2019 09:58:25 -0600
Message-ID: <CANV9t=RxeKVye=uJ9s=7ncp6jHbyMxAUsRGKa6zEc1VdkCfu+g@mail.gmail.com>
Subject: Re: sshd privsep user still required?
To: cygwin@cygwin.com
Content-Type: text/plain; charset="UTF-8"
X-IsSubscribed: yes

On Wed, Mar 13, 2019 at 9:29 AM Corinna Vinschen wrote:

> > However: It's still the case that the user cannot bypass OS security
even
> > if he or she "escapes" from the jail, right?
> >
> > My goal is to restrict sftp browsing on the client side.
> >
> > Using ChrootDirectory with "ForceCommand internal-sftp" in sshd_config
> > seems to accomplish this.
> >
> > Is this not correct?
>
> It seems like it, but I wouldn't bet on it.  The fact that /cygdrive and
> /dev directories are still visible inside the chroot jail speaks against
> that.

So to summarize: Even though the fake chroot doesn't increase security, it
doesn't reduce it, either.

In other words, even if the user "escapes" the jail, he or she can still
only do what the underlying OS permits.

Bill

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple