X-Recipient: archive-cygwin AT delorie DOT com X-SWARE-Spam-Status: No, hits=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: sourceware.org Message-ID: <4BB54303.70900@gmail.com> Date: Fri, 02 Apr 2010 02:06:11 +0100 From: Dave Korn User-Agent: Thunderbird 2.0.0.17 (Windows/20080914) MIME-Version: 1.0 To: cygwin AT cygwin DOT com Subject: Re: How to properly set up a chrooted environment References: <20100401201915 DOT GA3964 AT ghost DOT local DOT lan> <4BB50186 DOT 5060003 AT redhat DOT com> <20100401204654 DOT GA9237 AT ghost DOT local DOT lan> In-Reply-To: <20100401204654.GA9237@ghost.local.lan> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com On 01/04/2010 21:46, d.sastre.medina wrote: > And this is just for testing/learning purposes and fun. That's of course fine; anything you run for yourself in your own private network isn't a problem, but it's worth being explicit about this: >> There is no manual for chroot on cygwin, because no one here recommends >> doing it for anything serious. I would never recommend exposing *any* Cygwin server to the internet-at-large at all, ever. Although Cygwin doesn't introduce any vulnerabilities into applications that don't already have them, it does make it significantly more likely that you can escalate your privileges anywhere you can log in even as a restricted user. cheers, DaveK -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple