Web lists-archives.com

Re: [EXTERNAL] Re: Issues hiding /dev virtual directory from SFTP users




Please, don't top-post.

On Nov 28 12:50, snorthrop@xxxxxxxx wrote:
>> From: Andrey Repin [mailto:anrdaemon@xxxxxxxxx] 
>> Sent: Monday, November 27, 2017 7:00 PM
>> To: Northrop, Shad <snorthrop@xxxxxxxx>; cygwin@xxxxxxxxxx
>> Subject: [EXTERNAL] Re: Issues hiding /dev virtual directory from SFTP users
>> 
>> Greetings, snorthrop@xxxxxxxx!
>> 
>> > Hello,
>> 
>> > I am trying to get sftp secured using OpenSSH.  I have been able to jail
>> > the users to their home directory and remove the cygdrive virtual directory
>> > from showing but I have been unable to get the /dev virtual directory
>> > removed from the users when they SFTP.  In the past I have been able to just
>> > add "/dev /null none bind" to the fstab file but that no longer works.
>> 
>> > Can anyone suggest how I may be able to accomplish this with CYGWIN_NT-6.3 and openssh 7.6p 1-1 ?
>> 
>> If you jail the user to their home directory, they shouldn't be able to see
>> the Cygwin root in first place.
>> I don't understand your issue.
>
> Andrey,
> 
> They are not able to see the cygdrive.  They are able to see the /dev
> virtual directory and all of the device mounts within it.

And why do you want to remove that?  There's nothing in /dev your users
shouldn't see, but there's stuff in there required for certain
functionality.  For instance, bash handles /dev/std{in,out,err} and
people may rely on this.  Also, any application using the default paths
for POSIX shmem, semaphores and message queues will stop working.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: signature.asc
Description: PGP signature