Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Date: Thu, 7 Mar 2002 11:02:37 +0100 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: login: no shell: /bin/bash: Permission denied Message-ID: <20020307110237.P13590@cygbert.vinschen.de> Mail-Followup-To: cygwin AT cygwin DOT com References: <20020306101433 DOT P13590 AT cygbert DOT vinschen DOT de> <20020306114133 DOT V13590 AT cygbert DOT vinschen DOT de> <20020306174336 DOT A13590 AT cygbert DOT vinschen DOT de> <20020307101441 DOT M13590 AT cygbert DOT vinschen DOT de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.22.1i On Thu, Mar 07, 2002 at 10:43:02AM +0100, Jan Nieuwenhuizen wrote: > > Yes and no. Fact is, the kernel and the libraries are a real > > NT system. But the system tools don't allow you to do all that > > stuff. > > Ok. So maybe with the right tools (or /proc/registry tweaking), "Home > Edition" could be taught to administer nt rights for users/groups. I have XP HE and XP Prof versions for testing purposes. The restrictions in HE are really tricky. I tried even stuff as moving DLLs and MMC snapins from Prof to HE but to no avail. Registry tweaking is useless, too. The user rights are in the SAM. What I didn't try but what should work is writing your own application using LSA Policy functions. Which means, writing your own "Local Security Policy" application. > > But that isn't what you do anyway. > > I don't understand? [This machine isn't mine, of course, but I've now > got the choice of using this iso an old Windows 98 box to test cygwin > stuff] Sorry, that should read "But that isn't what you *should* do anyway." > Sure. Amazingly, the default setup from Miscrosoft is with Outlook > and one user without passwd, who has administrator (and whatnot) > rights. So for enhanced vulnerability, a default IIS install should > suffice, I guess. Yeah, HE is an NT system which has been downgraded nearly to the usual 98 insecurity. It's annoying. However, it was funny to see, that `ntsec' works fine. Unfortunately you can neither set nor see the permissions in the GUI. But you can, using Cygwin. So with Cygwin you can upgrade HE ;-) Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin AT cygwin DOT com Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/