This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: michael's openssh for windows


Andreas,

It's usually a good idea to send your Cygwin-related questions to the
Cygwin mailing list instead of via private mail.  Not only will you get
access to the combined expertise of the list, which is more than any one
person can provide, but your questions (and answers to them) will be
archived so that others with similar problems can find them by searching
the web archives.  I'm redirecting this reply to the list, and setting the
Reply-To header accordingly.

More below.

On Fri, 18 Jun 2004, Andreas v. Rosen wrote:

> Hi Igor, Johnny, Mark,
>
> I read your thread
> (http://www.cygwin.com/ml/cygwin/2003-08/msg00695.html) on setting up
> sftp in a chroot environment and tried the same.
>
> I got it working nicely and was really pleased until I found out that I
> can use the sftp client to break out into a shell and e.g. list my
> "hidden" directories. "!/usr/bin/ls -la /cygdrive/d" did the trick.
>
> Did I miss something here? Do you know about this problem?
>
> rgds
> Andreas

I don't recall the thread, but I suppose the above hole in chroot is due
to the fact that Cygwin's mounts aren't really part of the filesystem (the
way they are in Unix), and so chroot doesn't know to guard against them.
The proper fix would probably be to fix chroot (if at all possible).
However, a workaround might be to create a user that has no mounts other
than the essential ones (e.g., "nobody" or "ftp"), and switch to that user
after chroot'ing.  Also, one more thing to try is create the actual
/cygdrive directory, which may make chroot restrict the access to anything
under that...
HTH,
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster."  -- Patrick Naughton

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]