Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <3C3F2CCD.8020307@Salira.com>
Date: Fri, 11 Jan 2002 10:19:57 -0800
From: Andrew DeFaria <ADeFaria AT Salira DOT com>
Organization: Salira Optical Networks
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:0.9.4) Gecko/20011128 Netscape6/6.2.1
X-Accept-Language: en-us
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: Setting up user mode cron
References: <1010742369 DOT 28557 DOT ezmlm AT cygwin DOT com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 11 Jan 2002 18:19:54.0241 (UTC) FILETIME=[91280710:01C19ACC]

>
>
>On Thu, Jan 10, 2002 at 10:45:27AM -0800, Andrew DeFaria wrote:
>
>>limits" to cron. IOW I guess what I'm saying is that *something* should be done (I know you can see this as whining and perhaps it is. But it's whining for a good cause! :-)
>>
>So, why aren't you going to roll up your sleeves and create a really useful patch?  
>
As soon as I can receive compensation for it! I'm sorry but I don't work 
for free or at least I do not have the time, resources nor inclination 
to work for free at this time. You can classify this as whining if  you 
like :-).

>>This cron seems to support setting a MAILTO environment variable to tell cron where to mail output in case of errors. Could it not simply 
>>additionally support USERNAME and PASSWD environment variables that, if present in the crontab would cause cron to change user context with asking for logon credentials? Of course of concern would be the possibly cleartext PASSWD. Perhaps PASSWD could be required to be encrypted like that usually in bona fide Unix /etc/passwd (/etc/shadow) files. It's just a thought of a possible workaround to a possibly bad situation.
>>
>You can't encrypt the passwd as in UNIX.  These are asymmetrically
>encryptions.  You can't get the original passwd back.  Your proposition
>would need a symmetrically encrypted password which means, the
>encryption key is either hardcoded in cron (URGH) or it's evaluated
>by some deterministical function (urgh).  And you would of course
>need an extra tool to create the encrypted from the cleartext password
>to allow a user to type it into his/her crontab file.
>
OK, let's look at this another way. When one uses POP or IMAP to 
retrieve email one must authenticate one's username and password to the 
server to retrieve the email. Therefore somewhere the username and 
password is stored. For example, when using POP with Netscape to 
retrieve email from a mail server, Netscape stores the username and 
password somewhere (a configuration file or the registry). For security, 
Netscape encrypts the password in some fashion before storing it. When 
needed Netscape retrieves this information, unencrypts it and sends it 
along to the mail server so that the user is authenticated and the email 
is retrieved. Why then can't Cygwin's cron do something similar?



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/