Finally managed to create a jailed SFTP server, but how secure?

Tue Dec 2 09:08:00 GMT 2008


> Did you verify whether DOS paths, such as c:\, were also blocked?

No, it's not blocked from Windows. If I log on locally, I can access /cygdrive/c without any problem. But I can't using jailed SFTP, even if I use my Administrator account.

> To repeat what we have already told you multiple times: cygwin does NOT
> enforce the jail.  And without OS support to do so, we are not in a
> position to state that your jail is secure; so with security in mind, you
> must consider the SFTP connection, even in its chroot jail, to be only as
> secure as the restricted rights that you are able to enforce on the
> Windows user id in use when you make the SFTP connection.

Please don't get me wrong here, Eric. I am just trying to see the suitability of Cygwin as the ultimate SFTP server in Windows. SFTP is becoming more and more popular amongst our customers. In the last 6 months, I received 3 requests to build a system with an integrated SFTP server in it. To be honest with you, I had never come across this word before that time.

Choosing a full Unix-based solution is, for the time being, out of the question for me, as my programmers don't "speak" Unix at all.

If I know how to build a safe SFTP server with Cygwin, then I will share this experience with others. At least I can contribute to make Cygwin a little bit more popular.


