On Tue, Jan 5, 2021 at 6:34 AM Eliot Moss wrote: > Is there a Windows equivalent to chroot (either the program or the > library/system call)?
See: https://cygwin.com/cygwin-ug-net/highlights.html Quoting: "Chroot is supported. Kind of. Chroot is not a concept known by Windows. This implies some serious restrictions. First of all, the chroot call isn't a privileged call. Any user may call it. Second, the chroot environment isn't safe against native windows processes. Given that, chroot in Cygwin is only a hack which pretends security where there is none. For that reason the usage of chroot is discouraged. Don't use it unless you really, really know what you're doing." What I have found is that the cygwin chroot is not a security boundary (it seems it is possible for an account to "escape" from the "chroot jail"). However, whatever account is being used by the cygwin process is still subject to its rights/permissions in Windows (i.e., "escaping" from a "chroot jail" does not give additional rights and/or permissions to an account that it didn't have before). Bill -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
