[EXTERNAL] Re: Issues hiding /dev virtual directory from SFTP users
Corinna Vinschen
corinna-cygwin@cygwin.com
Tue Nov 28 14:27:00 GMT 2017
Please, don't top-post.
On Nov 28 12:50, snorthrop@moog.com wrote:
>> From: Andrey Repin [mailto:anrdaemon@yandex.ru]
>> Sent: Monday, November 27, 2017 7:00 PM
>> To: Northrop, Shad <snorthrop@moog.com>; cygwin@cygwin.com
>> Subject: [EXTERNAL] Re: Issues hiding /dev virtual directory from SFTP users
>>
>> Greetings, snorthrop@moog.com!
>>
>> > Hello,
>>
>> > I am trying to get sftp secured using OpenSSH. I have been able to jail
>> > the users to their home directory and remove the cygdrive virtual directory
>> > from showing but I have been unable to get the /dev virtual directory
>> > removed from the users when they SFTP. In the past I have been able to just
>> > add "/dev /null none bind" to the fstab file but that no longer works.
>>
>> > Can anyone suggest how I may be able to accomplish this with CYGWIN_NT-6.3 and openssh 7.6p 1-1 ?
>>
>> If you jail the user to their home directory, they shouldn't be able to see
>> the Cygwin root in first place.
>> I don't understand your issue.
>
> Andrey,
>
> They are not able to see the cygdrive. They are able to see the /dev
> virtual directory and all of the device mounts within it.
And why do you want to remove that? There's nothing in /dev your users
shouldn't see, but there's stuff in there required for certain
functionality. For instance, bash handles /dev/std{in,out,err} and
people may rely on this. Also, any application using the default paths
for POSIX shmem, semaphores and message queues will stop working.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20171128/25c1b6de/attachment.sig>
More information about the Cygwin
mailing list