Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Message-ID: <005d01c23417$27a656e0$0100a8c0@wdg.uk.ibm.com>
From: "Max Bowsher" <maxb@ukf.net>
To: <cygwin@cygwin.com>
References: <20020725170413.3469.qmail@sources.redhat.com>
Subject: Future ntsec-detection problem in sshd (Re: winsup/cygwin ChangeLog security.cc)
Date: Thu, 25 Jul 2002 21:09:16 +0100
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

> CVS Log message:
> * security.cc (allow_ntsec): Default to on.

A good idea, but I just want to mention a problem that will eventually arise
with sshd.

It currently checks whether ntsec is enabled by examining the CYGWIN environment
variable. This means that if ntsec is defaulted to on, without ntsec appearing
in the CYGWIN env var, that code now requires reworking. The location of this
now-problematic code in ssh is check_nt_auth in file
openbsd-compat/bsd-cygwin_util.c.

Max.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/