Web lists-archives.com

Re: [EXTERNAL] Re: Issues hiding /dev virtual directory from SFTP users

Please, don't top-post.

On Nov 28 12:50, snorthrop@xxxxxxxx wrote:
>> From: Andrey Repin [mailto:anrdaemon@xxxxxxxxx] 
>> Sent: Monday, November 27, 2017 7:00 PM
>> To: Northrop, Shad <snorthrop@xxxxxxxx>; cygwin@xxxxxxxxxx
>> Subject: [EXTERNAL] Re: Issues hiding /dev virtual directory from SFTP users
>> Greetings, snorthrop@xxxxxxxx!
>> > Hello,
>> > I am trying to get sftp secured using OpenSSH.  I have been able to jail
>> > the users to their home directory and remove the cygdrive virtual directory
>> > from showing but I have been unable to get the /dev virtual directory
>> > removed from the users when they SFTP.  In the past I have been able to just
>> > add "/dev /null none bind" to the fstab file but that no longer works.
>> > Can anyone suggest how I may be able to accomplish this with CYGWIN_NT-6.3 and openssh 7.6p 1-1 ?
>> If you jail the user to their home directory, they shouldn't be able to see
>> the Cygwin root in first place.
>> I don't understand your issue.
> Andrey,
> They are not able to see the cygdrive.  They are able to see the /dev
> virtual directory and all of the device mounts within it.

And why do you want to remove that?  There's nothing in /dev your users
shouldn't see, but there's stuff in there required for certain
functionality.  For instance, bash handles /dev/std{in,out,err} and
people may rely on this.  Also, any application using the default paths
for POSIX shmem, semaphores and message queues will stop working.


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: signature.asc
Description: PGP signature