Mail Archives: cygwin/2002/03/07/04:24:55

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2002/03/07/04:24:55

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sources.redhat.com/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Date: Thu, 7 Mar 2002 10:23:48 +0100

From: Corinna Vinschen <cygwin AT cygwin DOT com>

To: cygwin AT cygwin DOT com

Subject: Re: login: no shell: /bin/bash: Permission denied

Message-ID: <20020307102348.N13590@cygbert.vinschen.de>

Mail-Followup-To: cygwin AT cygwin DOT com

References: <m3eliylhc2 DOT fsf AT appel DOT lilypond DOT org> <20020306101433 DOT P13590 AT cygbert DOT vinschen DOT de> <3C866A0B DOT 6040500 AT DeFaria DOT com> <20020306213202 DOT C13590 AT cygbert DOT vinschen DOT de> <3C869077 DOT 3090705 AT DeFaria DOT com>

Mime-Version: 1.0

In-Reply-To: <3C869077.3090705@DeFaria.com>

User-Agent: Mutt/1.3.22.1i

On Wed, Mar 06, 2002 at 01:56:07PM -0800, Andrew DeFaria wrote:
> OK then, seems to me that su might be implementable by using a service 
> that runs as SYSTEM and takes requests to switch user from user A to 
> user B. Possible?

Sure.  It's exactly the way the user switch is implemented in 2K/XP.

> Regardless, to me it's still would be a large security hole if all one 
> needs to do is:
> 
> $ echo "+" > ~/.rhosts
> 
> to be able to abuse rsh to do something under somebody else's user ID is 
> it not?

It's the same on U*X.  If you don't care for the permissions of
your home directory you're out of luck.

And rsh is a dangerous service anyway.  If you don't want it,
just remove the matching line in /etc/inetd.conf and use ssh.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Date:	Thu, 7 Mar 2002 10:23:48 +0100
From:	Corinna Vinschen <cygwin AT cygwin DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: login: no shell: /bin/bash: Permission denied
Message-ID:	<20020307102348.N13590@cygbert.vinschen.de>
Mail-Followup-To:	cygwin AT cygwin DOT com
References:	<m3eliylhc2 DOT fsf AT appel DOT lilypond DOT org> <20020306101433 DOT P13590 AT cygbert DOT vinschen DOT de> <3C866A0B DOT 6040500 AT DeFaria DOT com> <20020306213202 DOT C13590 AT cygbert DOT vinschen DOT de> <3C869077 DOT 3090705 AT DeFaria DOT com>
Mime-Version:	1.0
In-Reply-To:	<3C869077.3090705@DeFaria.com>
User-Agent:	Mutt/1.3.22.1i