Mail Archives: cygwin/2005/05/04/05:03:50

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Wed, 4 May 2005 11:02:41 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: SSHD key based authentication hangs cscript
Message-ID: <20050504090241.GE31567@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
References: <200505040116 DOT j441GuC02021 AT webmail DOT pulsemining DOT com DOT au>
Mime-Version: 1.0
In-Reply-To: <200505040116.j441GuC02021@webmail.pulsemining.com.au>
User-Agent: Mutt/1.4.2i

On May  4 11:15, Stuart Westbury wrote:
> "There are actually two problems here: 1) a problem with CygWin/OpenSSH
> (after public key authentication GetUserName() returns incorrect
> value)..........."
> 
> Is this my problem?

No, that's our problem.  There's nothing we can do about it, I'm sorry.

What happens is this:  When sshd calls seteuid(), the Cygwin DLL creates
a new user token based on the information in the SAM and Cygwin's /etc/passwd
and /etc/group files.  Nothing wrong with that, but since this happens
in user land and not within a registered Windows authentication package,
there's a problem here.  The new sub process still runs in the authenticated
session for the SYSTEM resp. the sshd_server user.  Even though the new
user token contains all the correct information otherwise, it doesn't
contain a new session identifier since as a non-authentication package,
it can't create its own session identifier.  This has the unfortunate
result that Windows functions still return the name resp. SID of the user
who started the original process (SYSTEM/sshd_server).  From my point of
view this is a bug in Windows, but who am I to be asked?

This doesn't happen when using password authentication because in this
case the authentication is done by the standard authentication package
and a new, shiny session identifier is added to the new user token.


And the second question is what?


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          mailto:cygwin AT cygwin DOT com
Red Hat, Inc.
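
A check for the mismatch described in the message above, as an added example that is not part of the original post: run inside the ssh session, it compares what GetUserName() returns with the user SID stored in the process token and prints the token's logon session identifier. The names `Diag.Native` and `Get-IdentityView` are made up for this example.

```powershell
# Added diagnostic, not code from the original message or from Cygwin.
# Diag.Native and Get-IdentityView are hypothetical names chosen here.
Add-Type -Namespace Diag -Name Native -MemberDefinition @'
[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool GetUserNameW(System.Text.StringBuilder buffer, ref int size);

[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool GetTokenInformation(IntPtr token, int infoClass,
    byte[] buffer, int length, out int returned);
'@

function Get-IdentityView {
    # 1) The name GetUserName() reports (the function named in the quoted report).
    $size = 257                                    # UNLEN + 1 characters
    $name = New-Object System.Text.StringBuilder $size
    if (-not [Diag.Native]::GetUserNameW($name, [ref]$size)) {
        throw 'GetUserNameW failed'
    }

    # 2) The user SID actually stored in the process token, resolved to a name.
    $id        = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $tokenUser = $id.User.Translate([System.Security.Principal.NTAccount]).Value

    # 3) The token's logon session: TOKEN_STATISTICS.AuthenticationId is the
    #    second LUID in the structure (byte offset 8); TokenStatistics = 10.
    $buf = New-Object byte[] 64
    $ret = 0
    if (-not [Diag.Native]::GetTokenInformation($id.Token, 10, $buf, $buf.Length, [ref]$ret)) {
        throw 'GetTokenInformation(TokenStatistics) failed'
    }
    $session = [BitConverter]::ToInt64($buf, 8)

    # Token user is DOMAIN\account; GetUserName() returns the bare account name.
    $account = ($tokenUser -split '\\')[-1]
    [pscustomobject]@{
        GetUserName    = $name.ToString()
        TokenUser      = $tokenUser
        LogonSessionId = '0x{0:x}' -f $session
        Mismatch       = ($account -ne $name.ToString())   # -ne ignores case
    }
}

Get-IdentityView | Format-List
```

Running it once after password authentication and once after public key authentication lets the two `LogonSessionId` and `Mismatch` values be compared directly.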
