Date: Thu, 17 Nov 2005 21:52:55 +0100 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: Lock down CYGWIN SSH User to single directory. Message-ID: <20051117205255.GZ3462@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.4.2i Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com On Nov 17 20:08, JMCColorado wrote: > René Berber computer.org> writes: > > http://chrootssh.sourceforge.net/ > > I have heard that CHRoot might work, but I have also heard that it > still allows someone to SCP outside of where they can SSH to. The chroot system call only works inside Cygwin. As soon as Windows native tools are involved, you've lost since a chroot concept just doesn't exist on Windows. > I need to ensure that the user can't get anywhere but the one > directory I want them to have access to. Unfortunately, with Windows > giving "Everyone" access to just about everything, this seems very > difficult to do. > > Any more ideas? As I said, as the administrator you're resonsible to set the permissions correctly. It's not as simple as "everyone has access". There are knowledge base articles and white papers from Microsoft about controlling user access. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/