Mailing-List: contact cygwin-help@sourceware.cygnus.com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@sourceware.cygnus.com Delivered-To: mailing list cygwin@sourceware.cygnus.com Date: Tue, 11 Jan 2000 00:22:50 +0300 From: Egor Duda X-Mailer: The Bat! (v1.029) S/N A0F2A05A Reply-To: Egor Duda Organization: DEO Message-ID: <1015.000111@logos-m.ru> To: john@thinman.com, Chris Faylor , cygwin@sourceware.cygnus.com Subject: Re[2]: SSH 1 Server and the Passwd file References: <20000110160317.A10917@cygnus.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi! Jan 11 2000 Chris Faylor cgf@cygnus.com wrote: >>I foolishly tried to make crypts w/ perl ( perl -e 'print -e ( "secretpasswd", >>"salt" ) >> >>But is that such a bad idea ?? >> >>Ok, confession time, I am ~not~ a c programmer, though I wish I were. >>Would it be easy just to revert to the un/linix format ??, especially when the >>cygwin docs pretty well dont want you to allow cygwin to be multi-user if >>security in involved ?? CF> It's certainly possible to do. If you're asking if this will magically appear CF> in a future release, the answer is probably no, unless you can find somebody CF> willing to invest time in doing this. I've thought about this problem some time ago. I'm using Corinna's port of cron, and it uses encrypted versions of clear-text windows passwords. It's better than nothing, but not very secure. As microsoft docs state, it's still possible to start process in other security context without supplying clear-text password, but it requires custom "local security authority" (LSA) to be written. Maybe i'll try to write one and implement something similar to md5 passwords. And then it could be possible to port setuid programs like cron and sudo in more unix-like way. Egor. mailto:deo@logos-m.ru ICQ 5165414 FidoNet 2:5020/496.19 -- Want to unsubscribe from this list? Send a message to cygwin-unsubscribe@sourceware.cygnus.com