X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Date: Wed, 3 Dec 2008 13:27:26 +0100
From: Spiro Trikaliotis <an-cygwin AT spiro DOT trikaliotis DOT net>
To: cygwin AT cygwin DOT com
Message-ID: <20081203122725.GF26030@trikaliotis.net>
Mail-Followup-To: cygwin AT cygwin DOT com
References: <961872 DOT 64997 DOT qm AT web34701 DOT mail DOT mud DOT yahoo DOT com> <493568B8 DOT 3010308 AT cygwin DOT com> <49376 DOT 99112 DOT qm AT web34702 DOT mail DOT mud DOT yahoo DOT com> <20081202231141 DOT GA5449 AT ednor DOT casa DOT cgf DOT cx> <451120 DOT 45664 DOT qm AT web34703 DOT mail DOT mud DOT yahoo DOT com> <4935DD4B DOT 7050907 AT cygwin DOT com> <690548 DOT 2534 DOT qm AT web34702 DOT mail DOT mud DOT yahoo DOT com> <af075b00812030245m2b64cae2q4601c63424da611 AT mail DOT gmail DOT com> <49366705 DOT 5D2D6371 AT dessent DOT net> <af075b00812030338m3708cadv40a62bdde5a2340d AT mail DOT gmail DOT com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <af075b00812030338m3708cadv40a62bdde5a2340d@mail.gmail.com>
User-Agent: Mutt/1.5.17+20080114 (2008-01-14)
X-SA-Exim-Connect-IP: 87.163.227.124
X-SA-Exim-Mail-From: an-cygwin AT spiro DOT trikaliotis DOT net
Subject: Re: Finally managed to create a jailed SFTP server, but how secure?
X-SA-Exim-Version: 4.2.1 (built Tue, 09 Jan 2007 17:23:22 +0000)
X-SA-Exim-Scanned: Yes (on mail.trikaliotis.net)
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Hello Julia,

* On Wed, Dec 03, 2008 at 11:38:20AM +0000 Julio Emanuel wrote:
> On Wed, Dec 3, 2008 at 11:01 AM, Brian Dessent <brian AT dessent DOT net> wrote:

> > This is not valid reasoning, as Eric Blake already pointed out you can
> > still access files outside of a chroot even if you're still going
> > through the Cygwin DLL by using Win32 style pathnames since Cygwin
> > passes those through untouched.
> 
> Aha! So this is the tiny bit that was missing!

It was already mentioned elsethread.

[...]

> I known that it is an ugly solution, but surely it would settle the
> worries for this specific (but more and more frequent) chrooted sftp
> scenario.

But the problem here is: This is just one single problem instance that
would (or might) have been fixed. No-one ever cared to check if there
are other possibilities. In order to be safe, you would have to audit
all relevant parts to find out if there might be other attack vectors.

And from the answers, it is clear that no-one of the cygwin developers
will take that route, as it is not the aim of the project. Like it or
not, but that's how it is currently.

Best regards,
Spiro.

-- 
Spiro R. Trikaliotis                              http://opencbm.sf.net/
http://www.trikaliotis.net/                     http://www.viceteam.org/

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/