Date: Thu, 4 Dec 2008 09:18:00 +0100
From: tomas AT tuxteam DOT de
To: cygwin AT cygwin DOT com
Subject: Re: Finally managed to create a jailed SFTP server, but how secure?
Message-ID: <20081204081800.GA24874@tomas>

On Wed, Dec 03, 2008 at 11:38:20AM +0000, Julio Emanuel wrote:
> On Wed, Dec 3, 2008 at 11:01 AM, Brian Dessent wrote:
> > Julio Emanuel wrote:
> >
> >> 4) Only commands compiled for Cygwin, AND accessing the file system
> >> exclusively through the Cygwin POSIX interfaces can (and will) obey
> >> the chroot settings;
> >
> > This is not valid reasoning, as Eric Blake already pointed out you can
> > still access files outside of a chroot even if you're still going
> > through the Cygwin DLL by using Win32 style pathnames since Cygwin
> > passes those through untouched.

"Chroot jail" is a misnomer here, on the verge of being dangerous.
It's not a jail but just a line drawn with chalk on the floor.

I would like to add on top of that that chroot isn't considered as a
security feature on other OSes either. FreeBSD has "jails" which do much
more than chroot: you have to virtualize more than just the file system
to come near to being secure (in UNIXoids think creating a device file
within your jail which maps to the whole disk or memory to know what I
mean :-). Cf. for example .

But then, for casual use, chroot might be fine. Never expose that to the
Big and Stinking Net though.

Regards
-- 
tomás
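
Added example, not part of the original message or of Cygwin: a defender's audit of a UNIX chroot tree for the weakness the message names, device nodes inside the jail. The setuid/setgid check goes beyond the message's example, and the names classify, audit_jail and allowed are hypothetical. It says nothing about the Win32-pathname pass-through on Cygwin, which no file-system scan can detect.

```python
import os
import stat
import sys

def classify(mode):
    """Return why a file mode undermines a chroot, or None if it does not."""
    if stat.S_ISBLK(mode):
        return "block device"        # may map a whole disk
    if stat.S_ISCHR(mode):
        return "character device"    # may map memory or a raw device
    if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
        return "setuid/setgid file"  # added check, not from the message
    return None

def audit_jail(root, allowed=frozenset(), lstat=os.lstat):
    """Walk root without following symlinks; return sorted (relative path, reason).

    allowed: relative paths of nodes the jail is meant to contain (e.g. dev/null).
    lstat:   injectable so the walk can be tested without root privileges.
    """
    findings = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            try:
                reason = classify(lstat(path).st_mode)
            except OSError:
                continue  # entry vanished or is unreadable
            if reason and rel not in allowed:
                findings.append((rel, reason))
    return sorted(findings)

if __name__ == "__main__":
    # Usage: python audit_jail.py /path/to/jail   (defaults to the current directory)
    jail = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, reason in audit_jail(jail, allowed={"dev/null"}):
        print(f"{reason}: {rel}")
```

An empty result only means the tree holds no such nodes right now; a process running as root inside the chroot can still create them.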