Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin AT sources DOT redhat DOT com
From: William Guynes <wguynes AT mav DOT net>
To: cygwin AT cygwin DOT com
Subject: Re: Possible to login as different user?
Date: Mon, 06 Aug 2001 20:43:22 -0500
Organization: DownWithSpam, Inc.
Reply-To: wguynes AT mav DOT net
Message-ID: <dshumt8j7rbuegt3tlej0242ki86j5bule@smtp.prodigy.net>
References: <vr9rmt8gjqgv1888hsvbda0l1i0qbgo1rh AT smtp DOT prodigy DOT net> <8839-Mon06Aug2001094104+0100-starksb AT ebi DOT ac DOT uk>
In-Reply-To: <8839-Mon06Aug2001094104+0100-starksb@ebi.ac.uk>
X-Mailer: Forte Agent 1.8/32.548
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

On Mon,  6 Aug 2001 09:41:04 +0100, David Starks-Browning
<starksb AT ebi DOT ac DOT uk> wrote:

>What about the FAQ?  Did you read the entry "Where is the su
>command?" Did it help?

Absolutely, I did read it.  It explains very clearly that there is no
"su" command.  The link in that entry affirms that it's gone and says
to use "login", which was failing.

Invariably, everything I have read has adamantly pointed me to the
NTSEC documentation.  The NTSEC doc goes into exhaustive detail on
file permissions and is essential reading, but doesn't go far in
explaining user changes (as opposed to logging out of Win2k and
logging back in as Administrator).

Some have brought up the question, why do I feel a need to do this?
I attempted to run cpan to update some perl modules and ran into
permission errors.  My immediate reaction was to change to
"administrator" and try again.  The lack of "su" was of little
consequence but when "login" failed I was a bit concerned.

I can always fall back to Win2k logout.  There appear to be some
security issues with letting a Cygwin session change usernames.

>I don't use su or login, so I need help with this FAQ entry.

The only things I can think of would be some form of explanation of
why "su" was removed and, possibly, some instructions of how to get
"login" working.  Any security risks in doing so could be detailed.

Potential Risk:  Don't let a default installation give a user a
backdoor to possibly bypass NT user security. (?)

-- 
William Guynes

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/