Mail Archives: cygwin/2016/02/18/10:13:20

Date: Thu, 18 Feb 2016 16:12:57 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Possible Security Hole in SSHD w/ CYGWIN?
Message-ID: <20160218151257.GA14838@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
In-Reply-To: <20160217094335.GA5722@calimero.vinschen.de>
User-Agent: Mutt/1.5.24 (2015-08-30)

On Feb 17 10:43, Corinna Vinschen wrote:
> On Feb 16 20:55, David Willis wrote:
> > First let me say that I'm not too well-versed in coding and the ins and outs
> > of how processes utilize credentials when they are spawned. However, the
> > gist of it seems to be that if there are no credentials saved with passwd -R
> > to replace the current user token with that of the user that is SSH'd in,
> > then there is no way to change that token at all (or get rid of it) meaning
> > the token used when accessing a share will stay as the token of the caller -
> > namely cyg_server? Please correct me if I'm way off-base but that seems to
> > be my interpretation of this.
>
> It's wrong, but it's not easy to grok how this all works under the hood.
> First of all, referring to
> https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview, only
> method 1 should be affected.
> [bla, bla]
> > If that is the case, it seems this is an unintended side effect of the way
> > CYGWIN and sshd work together, and with the current state of Windows there
> > isn't really a way around it.
>
> There might be a way around that.  I have a vague idea what to do to
> create a new logon session, even when creating the token from scratch
> per method 1, which would not share the network credentials of the
> caller.  But it's just that yet, an idea.

I implemented and tested the idea and it seems to work.  Note that the
underlying problem that we can't generate our own login session when using
method 1 persists.  However, the new code should avoid spilling cyg_server
credentials into the user session.

Please give the new Cygwin test release 2.5.0-0.4
(https://cygwin.com/ml/cygwin-announce/2016-02/msg00023.html) a try.


Thanks,
Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
