X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:references:in-reply-to:from:date :message-id:subject:to:content-type; q=dns; s=default; b=EgB1v1f /Pr0yrXFn1rNIdLx7zfueZYXZho2z2//mWxO6TXIG5NDH++5b3y6iKNa18P2VgDV 7Fkd6RWo78OBPRVGyl1+BMW8trJSy7oE/BUVM0dQ9u4Qnnas+z0jGu8BsEexG5f/ wxGOYriSO6Uv/ybVwy+Mnb4nddk38dT+gLEI= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:references:in-reply-to:from:date :message-id:subject:to:content-type; s=default; bh=NTyzWXPdxGpp/ xP0q1eCGy6t1Pg=; b=Euii13rsn/oMsdDzHf9zkL1t76C6WdlhOCazH1t2E+gUS didBFU+ANphEYy4GHhQPwLwIKtTlIVo2+OZqLmpkmuASpHL6E7RiiIrJrIwpcaVh KfHDFxjdewoMTTIN5VF3qMp+YHMwRP0ARQCb8O0NxgIjy2LULIlo3GXStlF5Bw= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: <cygwin.cygwin.com> List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com> List-Archive: <http://sourceware.org/ml/cygwin/> List-Post: <mailto:cygwin AT cygwin DOT com> List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.1 spammy=accomplish, H*c:alternative, password, she X-HELO: mout.gmx.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mail.com; s=dbd5af2cbaf7; t=1552489931; bh=36uKm20HaIbJNbtf+6Qe1K34CBxtY1qqItA410m4LaA=; h=X-UI-Sender-Class:References:In-Reply-To:From:Date:Subject:To; b=IgIhq0TeL/LG6yEyEjYxyVC4fWUHzSPAX9pwCvWipFdSj2eQ245Qb8jxAYfjZG5Nj WxWwfYJsR9RnFcTLFZa8efSGT7l99ROxJ/iC6vca3NJnf00LnKW56BRhwPYD4n3k7B F7xjl496Ny4bKHf7272WsC8XIt85bzGhCbm3v8Cc= X-UI-Sender-Class: 214d933f-fd2f-45c7-a636-f5d79ae31a79 MIME-Version: 1.0 References: <CANV9t=S6LFnDSKiJsL3GpjLNC+srJCAgkScZTiG0yAbxq3b40A AT mail DOT gmail DOT com> <CANV9t=SWJ_65Y7jgqgDzNkaUPh1YCHfibp6vb+tmvg-wKtPLyQ AT mail DOT gmail DOT com> <20190313085650 DOT GS3785 AT calimero DOT vinschen DOT de> In-Reply-To: <20190313085650.GS3785@calimero.vinschen.de> From: Bill Stewart <bstewart AT iname DOT com> Date: Wed, 13 Mar 2019 09:11:42 -0600 Message-ID: <CANV9t=Q=HDAoVxjvSp9EqX0GttwxZLW6=OxO6o4eLzs8mejFRQ@mail.gmail.com> Subject: Re: sshd privsep user still required? To: cygwin AT cygwin DOT com Content-Type: text/plain; charset="UTF-8" X-IsSubscribed: yes On Wed, Mar 13, 2019 at 2:57 AM Corinna Vinschen wrote: > > a) Why is it necessary to specify SYSTEM as user number 0 in the > > /etc/password file? > > > > b) Why is the sshd account required? > > sshd checks for uid 0 and requires the sshd account when chroot is > requested. > > > c) Why are /cygdrive and /dev directories visible when connecting using a > > sftp client? > > The Cygwin chroot implementation is pure fake. It's not backed by the > OS and it's failry easy to break out of the jail. As such, the chroot > implementation is deprecated and only kept for backward compatibility. > I suggest not to use it. It gives a wrong sense of security. Right: I totally understand that Cygwin's chroot implementation does not add any security (because chroot doesn't exist natively on Windows). However: It's still the case that the user cannot bypass OS security even if he or she "escapes" from the jail, right? My goal is to restrict sftp browsing on the client side. Using ChrootDirectory with "ForceCommand internal-sftp" in sshd_config seems to accomplish this. Is this not correct? Bill -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple