Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Matt Wozniski
On Wed, Dec 3, 2008 at 2:43 AM, Albert van der Velde wrote:
> I followed this discussion, but does an ftp server exist with a
> possibility to lock a user in its home directory preventing him from getting
> out of this "jail".
Are you sure you were understanding this conversation? It was about SFTP, no

Socket programming with Cygwin

2008-12-03 Thread John Emmas
Hi guys, For the past few weeks I've been struggling to compile a program that uses sockets. Actually, the program compiles and builds okay but the client can never connect to the server. This morning I found this simple example that implements client/server socket comms in just a few modules (

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Julio Emanuel
Hi, all Cygwinners! I've been following this thread with most interest, because I've been thinking of setting up some kind of chroot'ed SFTP environment myself. The tone of the answers is, however, consistent with what I've already seen in similar threads in the last months. Yet, I still consider

Re: Socket programming with Cygwin

2008-12-03 Thread Brian Dessent
John Emmas wrote:
> In every case, the programs fail when the client attempts to connect to the
> server. This would be a typical line:-
>
> status = ::connect ( m_sock, ( sockaddr * ) &addr, sizeof ( addr ) );
>
> 'status' receives -1 and if I check the error it's invariably something like
> "

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Brian Dessent
Julio Emanuel wrote:
> 4) Only commands compiled for Cygwin, AND accessing the file system
> exclusively through the Cygwin POSIX interfaces can (and will) obey
> the chroot settings;
This is not valid reasoning, as Eric Blake already pointed out you can still access files outside of a chroot eve

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Julio Emanuel
On Wed, Dec 3, 2008 at 11:01 AM, Brian Dessent <[EMAIL PROTECTED]> wrote:
> Julio Emanuel wrote:
>
>> 4) Only commands compiled for Cygwin, AND accessing the file system
>> exclusively through the Cygwin POSIX interfaces can (and will) obey
>> the chroot settings;
>
> This is not valid reasoning, a

Re: Socket programming with Cygwin

2008-12-03 Thread John Emmas
- Original Message -
From: "Brian Dessent"
Subject: Re: Socket programming with Cygwin

The call fails because addr is junk, because the demo passed "localhost" to inet_pton. According to the docs, this function only takes IP addresses. If you change simple_client_main.cpp to use an IP

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Corinna Vinschen
On Dec 3 11:38, Julio Emanuel wrote:
> On Wed, Dec 3, 2008 at 11:01 AM, Brian Dessent <[EMAIL PROTECTED]> wrote:
> > Julio Emanuel wrote:
> >
> >> 4) Only commands compiled for Cygwin, AND accessing the file system
> >> exclusively through the Cygwin POSIX interfaces can (and will) obey
> >> the c

Re: Socket programming with Cygwin

2008-12-03 Thread Warren Young
John Emmas wrote:
> confused about why the program worked when I built it under Linux.
As Brian said, glibc's inet_pton() is apparently doing something beyond what the standard requires. Cygwin doesn't use glibc, it uses a different standard C library called newlib.

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Brian Dessent
Julio Emanuel wrote:
> Aha! So this is the tiny bit that was missing! What you are saying is
> that the Cygwin DLL does not honor the chroot if the path is in WIN32
> format? But why is that? It shouldn't honor the chroot all the time?
> I mean, this sounds like the "right thing to do"(tm), if Cyg

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Spiro Trikaliotis
Hello Julio,

* On Wed, Dec 03, 2008 at 11:38:20AM + Julio Emanuel wrote:
> On Wed, Dec 3, 2008 at 11:01 AM, Brian Dessent <[EMAIL PROTECTED]> wrote:
> > This is not valid reasoning, as Eric Blake already pointed out you can
> > still access files outside of a chroot even if you're still going

Re: Socket programming with Cygwin

2008-12-03 Thread Brian Dessent
John Emmas wrote:
> Forgive me - but as someone who's very new to socket programming, I'm
> confused about why the program worked when I built it under Linux. Is it
> because something would have converted "localhost" to an IP address (is this
> the lookup stuff that you referred to?) and where c

Re: Socket programming with Cygwin

2008-12-03 Thread Corinna Vinschen
On Dec 3 04:29, Brian Dessent wrote:
> John Emmas wrote:
> >
> > Forgive me - but as someone who's very new to socket programming, I'm
> > confused about why the program worked when I built it under Linux. Is it
> > because something would have converted "localhost" to an IP address (is this
> > t

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread TheO
>
> This is not valid reasoning, as Eric Blake already pointed out you can
> still access files outside of a chroot even if you're still going
> through the Cygwin DLL by using Win32 style pathnames since Cygwin
> passes those through untouched. Whether or not you can trick the sftp
> code into l

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Brian Dessent
TheO wrote:
> identifying what filenames are reserved by Win32, this is what I've got
> (please complete it if I am missing something):
No, we mean "get c:/dir/file" or "get c:\dir\file". (or "put //hostname/share/file", shudder.)

Brian

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Eric Blake
According to TheO on 12/3/2008 5:57 AM:
> And if I understand correctly, one of the possible ways for a user to bypass
> checks by Cygwin is to use Win32 reserved file names.
>
> identifying what filenames are reserved by Win32, this is what I've got

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread TheO
>
> No, we mean "get c:/dir/file" or "get c:\dir\file". (or "put
> //hostname/share/file", shudder.)
>
This is what I get:

sftp> cd C:/
Couldn't canonicalise: No such file or directory

sftp> get C:/foo
Couldn't stat remote file: No such file or directory
File "/home/Adminis

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread TheO
>
> This is what I get:
>
> sftp> cd C:/
> Couldn't canonicalise: No such file or directory
>
> sftp> get C:/foo
> Couldn't stat remote file: No such file or directory
> File "/home/Administrator/C:/foo" not found.
>
More to come:

sftp> cd /cygdrive
sftp> ls -al

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Eric Blake
According to TheO on 12/3/2008 6:29 AM:
>> No, we mean "get c:/dir/file" or "get c:\dir\file". (or "put
>> //hostname/share/file", shudder.)
>>
>
> This is what I get:
>
> sftp> cd C:/
> Couldn't canonicalise: No such file or directory
That'

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Brian Dessent
Eric Blake wrote:
> That's with /. What about with \? The cygwin dll sometimes treats the
> two separators differently, where using \ is more likely to bypass cygwin
> checks.
Don't forget the other variants, like

\\.\c:\foo\bar
\\./c:/foo/bar
\??\c:\foo\bar
\??/c:\foo\bar
\??/c:/foo/bar

Bria

gcc4/gfortran

2008-12-03 Thread Gustavo Seabra
Hi All,

I recently made a fresh new Cygwin installation. I asked for the full installation of the "devel" category to be installed, which resulted in both gcc and gcc4 being installed. (BTW, great work with the gcc4 package, thanks a lot!!!)

I wonder:

1. Is it safe to remove the old gcc (3.*) packag

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread TheO
>
> Don't forget the other variants, like
>
> \\.\c:\foo\bar
> \\./c:/foo/bar
> \??\c:\foo\bar
> \??/c:\foo\bar
> \??/c:/foo/bar
>
I will try different variants definitely. Unfortunately I can only give the feedback tomorrow as I am away from the office now. Thanks for your input.

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread TheO
>
> And what about Brian's other point - if sshd has a security bug like a
> buffer overrun (shudder, but possible - look at how often openssh has been
> updated over the years to fix security holes as soon as someone identifies
> one)
>
Such a hole would affect all OpenSSH implementations. Even th

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Eric Blake
> > And what about Brian's other point - if sshd has a security bug like a
> > buffer overrun (shudder, but possible - look at how often openssh has been
> > updated over the years to fix security holes as soon as someone identifies
> > one)
>
> Such a hole would affect all OpenSSH implementati

[ANNOUNCEMENT] Updated Cygwin Package: python-2.5.2-1

2008-12-03 Thread Jason Tishler
New News:
===

I have updated the version of Python to 2.5.2-1. The tarballs should be available on a Cygwin mirror near you shortly.

The following are the only notable changes since the previous release:

o upgrade to Python 2.5.2
o include pre-built sqlite3 module
o include patc

Re: [ANNOUNCEMENT] Updated: zsh-4.3.9-1

2008-12-03 Thread zzapper
Peter A. Castro wrote in
> An updated version of zsh (zsh-4.3.9-1) has been released and should be
> at a mirror near you real soon. This is an upstream release.
Thanks Peter. I just needed to do a rebaseall

gvim /usr/share/doc/Cygwin/rebase*.readme

--
zzapper
http://www.successtheory.com

Re: Finally managed to create a jailed SFTP server, but how secure?

2008-12-03 Thread Larry Hall (Cygwin)
TheO wrote: Larry Hall wrote: No, you cannot hide it. It is created by Cygwin itself as a convenience to access the virtual 'cygdrive' directory. This is one of a number of virtual directories ('/proc' and '/dev' come to mind) that Cygwin supports. See the description of "Special filenames" in

Using -mno-cygwin causes different program behavior

2008-12-03 Thread C-Programmer
Hello,

Here's the source:

#include <stdio.h>

int main(){
    /* local variable */
    char name[25];
    printf("What is your name?\n");
    gets( name );
    printf("Hello, %s!\n",name);
}

If I compile using the following command line argument:

$ gcc -o ioProg1 ioProg1.c

I check to see which DLL it's using wh

Re: gcc4/gfortran

2008-12-03 Thread Eric Blake
According to Gustavo Seabra on 12/3/2008 7:38 AM:
> 1. Is it safe to remove the old gcc (3.*) packages and replace them by
> symlinks to the new gcc4 executables?
Read the archives. Dave has mentioned that he is planning on a future packaging of the

Re: Using -mno-cygwin causes different program behavior

2008-12-03 Thread Eric Blake
According to C-Programmer on 12/3/2008 6:29 PM:
> But if I compile using the following command line argument:
> $ gcc -mno-cygwin -o ioProg1 ioProg1.c
Then you are no longer using cygwin, and this is almost more of a question for the mingw list.
> I

RE: Using -mno-cygwin causes different program behavior

2008-12-03 Thread Phil Betts
Eric Blake wrote on Thursday, December 04, 2008 1:42 AM:
> According to C-Programmer on 12/3/2008 6:29 PM:
>> But if I compile using the following command line argument:
>> $ gcc -mno-cygwin -o ioProg1 ioProg1.c
>
> Then you are no longer using cygwin, and this is almost more of a
> question for

Re: Using -mno-cygwin causes different program behavior

2008-12-03 Thread Eric Blake
According to C-Programmer on 12/3/2008 6:29 PM:
> char name[25];
> gets( name );
PS. This is a _disaster_ waiting to happen. You just coded a buffer overflow exploit, where someone can supply a name with more than 25 bytes, and in so doing, overw