Finally managed to create a jailed SFTP server, but how secure?

TheO idgajelas@yahoo.com
Tue Dec 2 08:23:00 GMT 2008


> 

> If you're happy with the results, that's fine.  However, you asked how
> secure SFTP was.  The answer is as I've said.  Cygwin is not the O/S.
> It cannot enforce restrictions on the O/S.  Only the O/S can restrict
> or grant access to users.
> 

Thanks Larry,

The reason why Cygwin is ideal for me to provide SFTP service is that it
provides a free SFTP solution for Windows platform. My programmers come
from Windows world, they are more familiar with .NET than Unix but sometimes,
they are required to build a system featuring an SFTP server where our user
can upload his files to be processed by our .NET application and finally,
he download the response files from SFTP. Cygwin makes this possible in an
economic way.

> 
> I have not attempted to set up a jailed SFTP environment on Cygwin.  It
> may be that what you've done hems the user into the area you want when
> he/she is using Cygwin tools.  However, this does not restrict the user
> with Windows native tools.  If he/she is able to leverage those inside
> the jail, then the user has the keys he/she wants to get out.
> 

He might be able to upload "nasty" tools but What else could he possibly do 
if he has access to only a restricted SFTP subsystem? 


      

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



More information about the Cygwin mailing list