Finally managed to create a jailed SFTP server, but how secure?

Julio Emanuel
Wed Dec 3 11:39:00 GMT 2008

On Wed, Dec 3, 2008 at 11:01 AM, Brian Dessent <> wrote:
> Julio Emanuel wrote:
>> 4) Only commands compiled for Cygwin, AND accessing the file system
>> exclusively through the Cygwin POSIX interfaces can (and will) obey
>> the chroot settings;
> This is not valid reasoning, as Eric Blake already pointed out you can
> still access files outside of a chroot even if you're still going
> through the Cygwin DLL by using Win32 style pathnames since Cygwin
> passes those through untouched.

Aha! So this is the tiny bit that was missing! What you are saying is
that the Cygwin DLL does not honor the chroot if the path is in WIN32
format? But why is that? It shouldn't honor the chroot all the time?
I mean, this sounds like the "right thing to do"(tm), if Cygwin is
supposed to fully support chroot environments...

> Whether or not you can trick the sftp
> code into letting such a filename through remains to be seen, but the
> point here is that just because the access occurs via the Cygwin API
> doesn't mean the chroot is absolute.

Right. Point taken.
Although, this could be answered with a patch (a ugly-cygwin-only
patch) to the sftp/sshd package to filter all the Windowish file paths
that came across, right?
I known that it is an ugly solution, but surely it would settle the
worries for this specific (but more and more frequent) chrooted sftp

> Brian
> --
> Unsubscribe info:
> Problem reports:
> Documentation:
> FAQ:         

Unsubscribe info:
Problem reports:

More information about the Cygwin mailing list