Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Date: Wed, 30 Jan 2002 11:26:01 +0100 From: Corinna Vinschen To: "Pierre A. Humblet" Cc: cygwin Subject: Re: security.cc: bug report, question and suggestion Message-ID: <20020130112601.B11608@cygbert.vinschen.de> Mail-Followup-To: "Pierre A. Humblet" , cygwin References: <3C4EFF65 DOT FF7BA4DE AT ieee DOT org> <3C4EFF65 DOT FF7BA4DE AT ieee DOT org> <3 DOT 0 DOT 5 DOT 32 DOT 20020129213206 DOT 007e2500 AT pop DOT ne DOT mediaone DOT net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3.0.5.32.20020129213206.007e2500@pop.ne.mediaone.net> User-Agent: Mutt/1.3.22.1i On Tue, Jan 29, 2002 at 09:32:06PM -0500, Pierre A. Humblet wrote: > When ntsec is not defined, internal_getlogin matches the > Windows username with the pw_name's in passwd to find the uid. > When ntsec is defined, internal_getlogin scans passwd by sid's. > Cygwin user names can then be different from Windows user names. > > In my case the program was running as a service under cygrunsrv. > ntsec was not defined in the environment of the service manager, > but only as a -e CYGWIN= argument to cygrunsrv. > When cygrunsrv started it didn't find the Windows username in pw_name > and used the default uid. When the service application started, with > ntsec, it didn't scan the passwd file because cygrunsrv is a Cygwin > process. Thus the username and uid were incorrect under ntsec... > > The same problem happens when a user with a Cygwin username > different from Windows starts without ntsec. > > I saw 4 possible solutions. > 1) Mandate ntsec if Cygwin and Windows user names differ. > Not so good. /etc/passwd is a shared resource and different users > may have different ntsec preferences. Unexpected situations can > occur. But that's the whole point of having `ntsec' on. As I described in the ntsec docs (http://cygwin.com/cygwin-ug-net/ntsec.html) having a Cygwin username different from the Windows username is explicitely a property of `ntsec'. Having a different username is not supported w/o ntsec. Besides that, I can't suggest using ntsec for one user but nontsec for another user. This results in weird effects for the user who's not using ntsec. According to the `ls -l' output she has access to file "foo" but a `cat foo' returns "Permission denied". I admit that that also may happen with ntsec on, due to the complexity of NT permissions which aren't reflected by the `ls -l' output. But the surprises should be few. > 4) Always scan /etc/passwd for sid (on NT/2000/XP). If no success, > rescan based on Windows username. > A little inefficient at startup if ntsec is not enabled, but most > flexible [the two searches can also be combined, possible > optimization]. I think you're right that we should always look for the SID in /etc/passwd at that point. The problem is exactly the startup of cygrunsrv with no CYGWIN setting in the system environment. I'm so used to having the usual "CYGWIN=binmode ntsec tty" in my system environment that I'd never seen that problem. > The attached uinfo.diff file implements solution 4. > It also does not set primary group in the token (useless). No, it's not useless. If this process starts non-Cygwin processes this processes will set the users primary group given in /etc/passwd as primary group for created files. That's intended. I will not remove that. However, I have some problems with your patch to uinfo.cc. - It eliminates the opening brace at line 130 but it eliminates an unrelated closing brace at line 193. The corresponding closing brace would be in line 212. Is that planned - and if so, why - or is that just an accident? - The formatting isn't correct anymore after eliminating the braces. - I'm missing a ChangeLog entry for that patch. Could you please resubmit your patch with these changes to the cygwin-patches mailing list? And would you mind to send a copyright assignment form as described on http://cygwin.com/contrib.html? Thanks for tracking that down. This could explain some of the problems people have starting sshd, perhaps. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin AT cygwin DOT com Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/