Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Message-ID: <001301c1a2e2$a2b82410$2801a8c0@DCUTHBERT2K> From: "Dylan Cuthbert" To: "Corinna Vinschen" References: <002c01c1a23f$ac0f2e80$2801a8c0 AT DCUTHBERT2K> <20020121103959 DOT G11608 AT cygbert DOT vinschen DOT de> Subject: Re: security with the ftp daemon Date: Tue, 22 Jan 2002 10:18:01 +0900 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Thanks, you were right, I regenerated the groups file and it returned to being secure again - it seems a bit dangerous to default to admins group, maybe better if it defaults to guest or something along those lines? Regards --------------------------------- Q-Games, Dylan Cuthbert. http://www.q-games.com ----- Original Message ----- From: "Corinna Vinschen" To: Sent: Monday, January 21, 2002 6:39 PM Subject: Re: security with the ftp daemon > On Mon, Jan 21, 2002 at 02:51:29PM +0900, Dylan Cuthbert wrote: > > Hi there, > > > > I've set up the ftp server with inetutils on win2k, but I get a strange > > security hole. > > > > I've set permissions so that only "Administrators" can access the cygwin > > directories. The home directories are only accessible by their respective > > users and /bin is Everyone and read-only. > > > > However, after setting this up and rebooting the machine once, if I ftp in > > as a regular user I can access all the administrator priviledge directories > > (in read/write mode!) with no problem at all. Is this a known problem and > > is there a way to get it to work securely? Surely the ftp daemon should > > switch its user to the id of the person logging in? > > Check if your /etc/group is setup correctly. If the group of > the user doesn't exist, setgid() falls back to the admins group > currently. > > -- > Corinna Vinschen Please, send mails regarding Cygwin to > Cygwin Developer mailto:cygwin AT cygwin DOT com > Red Hat, Inc. > > -- > Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple > Bug reporting: http://cygwin.com/bugs.html > Documentation: http://cygwin.com/docs.html > FAQ: http://cygwin.com/faq/ > -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/