On Thu, Feb 07, 2002 at 10:09:58PM -0500, Ilya Sterin wrote: > Hello all. I am trying to set up sshd on my win2k box and everything is > successful. But I have a question... > Is there a way to restrict the users as well as directories per user. > Although my win box has a few users, I only want to allow one to be able to > ssh to this machine. Also I would like to restrict this user to only one > directory, and don't want to give them permissions to browse others ones? > Is there a way to do both of the above tasks, or at least one of them? > Thanks in Advance.
That's actually a task to perform in Windows native mode. The POSIX permissions in Cygwin are only able to deal with a subset of the NTFS permissions. There are especially user rights which allow to do things which seem to be impossible due to the POSIX permissions. One user right is "Bypass traverse checking" which is given to "Everyone" by default. This allows to access a file for which the user has permissions even if the parent directory disallows any access! Concludently Cygwin can only give security in the borders given by the NT security settings. You should consider to secure the system from the native point of view and then match your ssh/sshd settings into that system. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:[EMAIL PROTECTED] Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
