| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-SWARE-Spam-Status: | No, hits=-2.6 required=5.0 tests=BAYES_00,SPF_HELO_PASS,SPF_PASS |
| X-Spam-Check-By: | sourceware.org |
| To: | cygwin AT cygwin DOT com |
| From: | Thomas Nisbach <nisbach AT cityweb DOT de> |
| Subject: | Re: 1.7.1: problem with public key authentication on domain accounts |
| Date: | Tue, 5 Jan 2010 01:29:27 +0000 (UTC) |
| Lines: | 47 |
| Message-ID: | <loom.20100105T020640-981@post.gmane.org> |
| References: | <18e742db1001041142j5322d164t2a83f2a3ef0138d4 AT mail DOT gmail DOT com> <loom DOT 20100105T001743-66 AT post DOT gmane DOT org> <4B427F97 DOT 6030806 AT cygwin DOT com> |
| Mime-Version: | 1.0 |
| User-Agent: | Loom/3.14 (http://gmane.org/) |
| X-IsSubscribed: | yes |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
Larry Hall (Cygwin <reply-to-list-only-lh <at> cygwin.com> writes: > > On 01/04/2010 06:18 PM, Thomas Nisbach wrote: > > Bob Burger<burgerrg<at> gmail.com> writes: > >.... > > Any ideas? > > Are you using LSA? Have you read the security sections of the Users Guide? > <http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview> > I just read a lot in the guide, since it was hardly recommended before updating to 1.7.1-1. After reading the security section I am quite sure I never runned cyglsa-config (/bin/cyglsa also does not exist). > > PS: I stopped Google Desktop (known as application from BLODA list), but this > > was not the problem. > > BLODA is often not removed from having an effect without uninstalling the > offending package. I can't say whether that's a requirement for Google > Desktop however. > There was a thread at Google (http://groups.google.com/group/Google- Desktop_Something-Broken/browse_thread/thread/0dabf807fbdf2d7f) I participated. We found, that in Google Desktop v5.8 the additional preloading of DLLs into any app's memory corrupted cygrunsrv (probably at fork()). Stopping GD and renaming the regkey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion \Windows\AppInit_DLLs was enough to make cygrunsrv/sshd running - no deinstallation/reboot was necessary. This was exactly what I've done this time - even I now run GD v5.9, which operated fine with cygrunsrv/sshd until I updated to CYGWIN v1.7.1. Additionally I found a problem with /var/empty permissions when using SSH privilege separation (also worked before). Even when I chmod 711 /var/empty, create a 'root' user and chown root:root /var/empty I get '/var/empty must be owned by root and not group or world-writable'. I entertain suspicion that there happened something stupid with the filesystem permissions for processes running as SYSTEM and/or background process... (I will probably not be back till Wednesday) -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |