Mail Archives: cygwin/2002/03/06/15:32:35
On Wed, Mar 06, 2002 at 11:12:11AM -0800, Andrew DeFaria wrote:
> You imply that somebody has the ability to change user context! If so
> then who is that somebody (USER)?
I have to tell that each week (day?) again, apparently. It's SYSTEM.
> It's my understanding that the only thing(s) that use login are things
> like telnet/rlogin/rsh.
>
> Frustrated by the lack of su(1M)!
Did you ever try to understand NT security? Otherwise you would
know know the cause for this restriction. It's exceptionally not
because we're mean!
> Oh, BTW, here's a potential security problem:
>
> $ rsh hosta id
> uid=1370(adefaria) gid=513(Domain Users) groups=0(Everyone),512(Domain
> Admins),513(Domain
> Users),1170(Everybody),1382(ITSupport),1354(Operations),1331(Software)
> $ rsh hosta -l otheruser id
> uid=1269(otheruser) gid=513(Domain Users) groups=0(Everyone),513(Domain
> Users),1203(Engineering),1170(Everybody),2171(Product Team),1215(Service
> Group),1331(Software),1298(TDM Group)
>
> How did I rsh as another user and not be prompted for a password?
Because you have an .rhosts file? I assume you know how rsh
works on U*X systems, don't you?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin AT cygwin DOT com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -