Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Thu, 7 Mar 2002 11:02:37 +0100
From: Corinna Vinschen <cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: login: no shell: /bin/bash: Permission denied
Message-ID: <20020307110237.P13590@cygbert.vinschen.de>
Mail-Followup-To: cygwin AT cygwin DOT com
References: <m3eliylhc2 DOT fsf AT appel DOT lilypond DOT org> <20020306101433 DOT P13590 AT cygbert DOT vinschen DOT de> <m3pu2it2tb DOT fsf AT appel DOT lilypond DOT org> <20020306114133 DOT V13590 AT cygbert DOT vinschen DOT de> <m3lmd5ud36 DOT fsf AT appel DOT lilypond DOT org> <20020306174336 DOT A13590 AT cygbert DOT vinschen DOT de> <m36648iz6e DOT fsf AT appel DOT lilypond DOT org> <20020307101441 DOT M13590 AT cygbert DOT vinschen DOT de> <m3wuwohfx5 DOT fsf AT appel DOT lilypond DOT org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <m3wuwohfx5.fsf@appel.lilypond.org>
User-Agent: Mutt/1.3.22.1i

On Thu, Mar 07, 2002 at 10:43:02AM +0100, Jan Nieuwenhuizen wrote:
> > Yes and no.  Fact is, the kernel and the libraries are a real
> > NT system.  But the system tools don't allow you to do all that
> > stuff.
> 
> Ok.  So maybe with the right tools (or /proc/registry tweaking), "Home
> Edition" could be taught to administer nt rights for users/groups.

I have XP HE and XP Prof versions for testing purposes.  The restrictions
in HE are really tricky.  I tried even stuff as moving DLLs and MMC
snapins from Prof to HE but to no avail.

Registry tweaking is useless, too.  The user rights are in the SAM.

What I didn't try but what should work is writing your own
application using LSA Policy functions.  Which means, writing
your own "Local Security Policy" application.

> > But that isn't what you do anyway.
> 
> I don't understand?  [This machine isn't mine, of course, but I've now
> got the choice of using this iso an old Windows 98 box to test cygwin
> stuff]

Sorry, that should read "But that isn't what you *should* do anyway."

> Sure.  Amazingly, the default setup from Miscrosoft is with Outlook
> and one user without passwd, who has administrator (and whatnot)
> rights.  So for enhanced vulnerability, a default IIS install should
> suffice, I guess.

Yeah, HE is an NT system which has been downgraded nearly to the
usual 98 insecurity.  It's annoying.  However, it was funny to
see, that `ntsec' works fine.  Unfortunately you can neither set
nor see the permissions in the GUI.  But you can, using Cygwin.
So with Cygwin you can upgrade HE ;-)

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/