Date: Tue, 2 Dec 2008 14:18:07 -0800 (PST)
From: TheO
Subject: Re: Finally managed to create a jailed SFTP server, but how secure?
To: cygwin AT cygwin DOT com
Message-ID: <49376.99112.qm@web34702.mail.mud.yahoo.com>

>
> I understand. If SFTP under Cygwin fits your needs and you can live
> with the risks, then you should continue using it. I certainly don't
> understand your application or its requirements for communication but
> given your description above, it seems to me that 'scp' would serve your
> purpose and wouldn't rely on limited 'chroot' capabilities. But I'm
> assuming you've already thought of that and have ruled it out for your
> own reasons.
>

Yes, SFTP is the only choice for me here. Actually, nowadays, at least
in my organization, SFTP has become the most preferable method to
transfer files securely. Its popularity leaves behind FTP over VPN and
FTP/SSL (another secured version of FTP). Unfortunately I can't use
'scp'.

>
> Good question. A better one is are you willing to accept the risk? I also
> want to once again point out that "a restricted FTP subsystem" does not
> have all the same restrictions as it would in a UNIX/Linux environment.
> Only you can decide whether this difference is something you can live
> with.
>

Risk is exactly my main concern here. That's why I tried myself to find
any possible hole using this setup. I even considered once to use
coLinux (www.colinux.org), which offers native Linux inside Windows, but
after trying to install it myself I found it to be too burdensome for my
(sob) Windows support team to deploy and maintain. Especially when
Windows itself is actually running on top of a VMware virtual machine.
Cygwin seems extremely light in comparison to it and it runs as a normal
Win32 process.

I understand that in theory Cygwin, as a normal Win32 process, can't
offer more protection than what Windows can. Even though Windows itself,
if properly configured, is a very secure system. For example, Windows
ACL is more complex than the standard user/group/other rwx flag on *nix.
But don't flame me for saying this please. I don't want to start any
issue related to Windows vs *nix here.

The thing is, as a newbie in Cygwin, I don't know the exact inner
workings of Cygwin. I don't know what Cygwin does when it is chroot'ing.
I know very little of what it does when I log on using public key
authentication (it runs under the sshd account as opposed to the user
account). I don't know why, under the chroot setting, Cygwin creates
/cygdrive under my /jail directory. And I don't know what one can do if
he has read access to it. I am just an ordinary Cygwin user from this
perspective, with no knowledge of Cygwin's internal processes. That's
why I need input from those who have more visibility than me to point me
in the right direction.

I promise to help promote Cygwin in the Windows community if I can find
a way to make it a secure SFTP server :). I am sure a lot of Windows
users will prefer Cygwin to other commercial software.

Thanks again.