Mail Archives: cygwin/2002/01/18/07:26:17

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2002/01/18/07:26:17

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sources.redhat.com/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

From: swamp-dog AT ntlworld DOT com (Guy Harrison)

To: <cygwin AT cygwin DOT com>

Subject: Re: sshd and fstat

Date: Fri, 18 Jan 2002 12:25:33 GMT

Reply-To: <cygwin AT cygwin DOT com>

Message-ID: <3c4a13e6.939968563@smtp.ntlworld.com>

References: <3c46d28e DOT 857705044 AT post DOT ntlworld DOT com>

In-Reply-To: <3c46d28e.857705044@post.ntlworld.com>

X-Mailer: Forte Agent 1.5/32.451

MIME-Version: 1.0

X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id g0ICQDs18975

On Thu, 17 Jan 2002 14:49:28 GMT, swamp-dog AT ntlworld DOT com (Guy Harrison)
wrote:

I'm pleased to be able to report some progress! I've located where the
key difference lies between sshd running as an NT service and sshd
running in just about any other fashion.

<security.cc>
 	1236	int
 	1237	get_file_attribute (int use_ntsec, const char *file,
 	1238			    int *attribute, uid_t *uidret, gid_t
*gidret)
	1239	{
 	1240	  int res;
 	1241	
-	1242	  if (use_ntsec && allow_ntsec)
 	1243	    {
-	1244	      res = get_nt_attribute (file, attribute, uidret, 
                             gidret);
-	1245	      if (attribute && (*attribute & S_IFLNK) == 
                             S_IFLNK)
-	1246		*attribute |= S_IRWXU | S_IRWXG | S_IRWXO;
-	1247	      return res;
 	1248	    }
 	1249
        1250      if (uidret)
        1251        *uidret = getuid ();
        1252      if (gidret)
        1253        *gidret = getgid ();
	1254
</security.cc>

In almost all circumstances 'allow_ntsec' is true. No problem - sshd
correctly obtains the permissions on the client's $HOME/.ssh/*keys.

The single circumstance in which 'allow_ntsec' is false, is when sshd is
running *directly* as a service: in other words, as it is designed to.


Could someone enlighten me about 'allow_ntsec'. How does CygWin turn
this on?

TIA

-- 
swamp-dog AT ntlworld DOT com

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
From:	swamp-dog AT ntlworld DOT com (Guy Harrison)
To:	<cygwin AT cygwin DOT com>
Subject:	Re: sshd and fstat
Date:	Fri, 18 Jan 2002 12:25:33 GMT
Reply-To:	<cygwin AT cygwin DOT com>
Message-ID:	<3c4a13e6.939968563@smtp.ntlworld.com>
References:	<3c46d28e DOT 857705044 AT post DOT ntlworld DOT com>
In-Reply-To:	<3c46d28e.857705044@post.ntlworld.com>
X-Mailer:	Forte Agent 1.5/32.451
MIME-Version:	1.0
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id g0ICQDs18975