Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT sources DOT redhat DOT com Delivered-To: mailing list cygwin AT sources DOT redhat DOT com Message-ID: <13013671.965751302190.JavaMail.imail@neon.excite.com> Date: Tue, 8 Aug 2000 09:15:01 -0700 (PDT) From: Bob Heckel Reply-To: To: Robert Collins , cygwin AT sources DOT redhat DOT com Subject: Re: inetd security hole? Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Excite Inbox X-Sender-Ip: 202.252.212.40 Thanks for the suggestion, Rob but I still need the Guest account to allow anonymous NT shares (for my non-Cygwin enlightened coworkers) to certain directories on my W2K box. I'll just leave Guest out of /etc/passwd for now. The thing that worried me originally was that "dropbox" shares are common on Windoze machines and I only discovered the hole by accident. Unfortunately the inetd documentation doesn't mention the issue. Bob Heckel p.s. Thanks also to Dave for your comments. On Tue, 8 Aug 2000 08:23:57 +1000, Robert Collins wrote: > I agree that this is a NT feature.. in fact the guest account can be > renamed, or disabled. Bob - if you disable the guest account on your > machine, cygwin shouldn't be able to login you whether or not guest is > listed in /etc/passwd. > > Rob _______________________________________________________ Say Bye to Slow Internet! http://www.home.com/xinbox/signup.html -- Want to unsubscribe from this list? Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com