delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2003/12/11/11:46:59

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Reply-To: Cygwin List <cygwin AT cygwin DOT com>
Message-Id: <6.0.1.1.0.20031211113955.039a4318@127.0.0.1>
X-Sender:
Date: Thu, 11 Dec 2003 11:44:11 -0500
To: Matthew McGillis <matthew AT mcgillis DOT org>, Brian Ford <ford AT vss DOT fsi DOT com>
From: Larry Hall <cygwin-lh AT cygwin DOT com>
Subject: Re: shell under sshd fail to fork child process
Cc: cygwin AT cygwin DOT com
In-Reply-To: <a06002003bbfd706ff572@[65.102.135.163]>
References: <a06002002bbfd69e06bbb@[65.102.135.163]>
<Pine DOT GSO DOT 4 DOT 58 DOT 0312101844520 DOT 28297 AT eos>
<a06002003bbfd706ff572@[65.102.135.163]>
Mime-Version: 1.0 

At 11:27 AM 12/11/2003, Matthew McGillis you wrote:
>> > I have installed the latest and greatest cygwin and sshd on a Small
>>> Business Windows Server 2003. Everything works great on the console
>>> and ssh'ing in and out works fine. However once I access the web
>>> server running on the box anyone sshd in will no longer be able to
>>> run anything that creates a child process. All cygwin functionality
>>> from the console still works fine. I can look at the processes and
>>> see srvc sshd and shells all running under SYSTEM.
>>Oops!                                        ^
>
>Not sure what your suggesting with this but for clarification I should point out that the bash child shells of sshd are not running as SYSTEM but as who ever logged in. My main point with that is that from the console it is still easy to see that things look fairly normal even though those shells tied to sshd can not fork processes.


The "suggestion" is that SYSTEM has been proven to *NOT* be a sufficiently
privileged user for W2K3 to run Cygwin services that require switching
users.  There's lot's of discussion of that in the email archives.  You can 
skulk around yourself to see all the discussions.

<http://cygwin.com/ml/cygwin/2003-09/msg00435.html> discusses the key
issue.



--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746                     


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019