Date: Wed, 23 Jul 2014 20:08:07 +0400
From: Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To: cygwin AT cygwin DOT com
Message-ID: <1273556697.20140723200807@yandex.ru>
To: "D. Boland" <daniel AT boland DOT nl>, cygwin AT cygwin DOT com
Subject: Re: The eternal uid issue
In-Reply-To: <53CF9E0F.F596FC60@boland.nl>
References: <53CF6CEC DOT 6D68E485 AT boland DOT nl> <20140723091409 DOT GH27005 AT calimero DOT vinschen DOT de> <53CF9E0F DOT F596FC60 AT boland DOT nl>
Greetings, D. Boland!

> Hi Corinna,
>
> Corinna Vinschen wrote:
>>
>> > Isn't it about time to make this our First Directive also?
>>
>> Not in relation to the uid. In contrast to Linux we don't have the one
>> single root user. We have potentially endless numbers of them, and one
>> of them, not necessarily SYSTEM, is used to run the service. Keep in
>> mind that there may also be company policy in place which disallows
>> installing services under specific accounts unless absolutely necessary.
>>
>> Therefore, while we mostly strive to make Cygwin accommodate user
>> space, we're not able to do it related to the root uid.
>
> Thanks for your lengthy and detailed answer. I appreciate that. But don't you think
> upstream maintainers will raise at least one eyebrow if we propose code that makes
> any user who starts the program the root/admin user?

You obviously did not understand Corinna's reply. And removed the part of the reply that directly answers all your questions.

> You suggest only those who are in the admin group. But that will soon be any service
> that starts up.

That's essentially the same as starting services as root on a *NIX system. I fail to see the difference.

> It actually is my solution to running Sendmail: create the Sendmail user, called
> 'smmsp' and make it an Administrator, so it can impersonate users on my system.
> But I don't like my solution, because this would mean I have to create an admin-user
> for any Linux service that I install. So now my Cygwin setup would be crowded with
> highly privileged daemons, listening, waiting to get hacked.

The Windows privilege model allows you to alleviate such concerns.

> The more elegant solution would be to create only one secondary privileged user,
> let's call it 'root' ;-). Now Sendmail can start as root, switch to the totally
> *unprivileged* 'smmsp' user and receive mail.

This is essentially what Cygwin is doing right now.

> Of course the real bonus is that these unprivileged users wouldn't need passwords,
> since they are impersonated, not logged on. These would consequently be
> *super-secure* users, because it is impossible to login with an empty password.

You'd be surprised.

> Why is this related to the uid issue?

Because there's no fixed UID. This is a core system difference that you have to live with.

> I already tested the second solution. I found out that if I assign my 'root'
> user the '0' id in /etc/passwd, it actually works. I was delighted, because
> I could roll back all these weird changes I put in the
> Sendmail/procmail/mail.local source to fix the getuid != 0 problem.

/etc/passwd will soon be gone.

> If we go with this MS-imposed idea of "putting services in admin-context",

There's no such idea. You just imagined it.

> Cygwin security will be done for in the long run. Why not make the leap and
> show MS admins/developers how it should be done?

You really think they are all idiots?... Like, really?

--
WBR, Andrey Repin (anrdaemon AT yandex DOT ru) 23.07.2014, <20:01>

Sorry for my terrible English...

--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Copyright © 2019 by DJ Delorie | Updated Jul 2019 |