Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: [ANNOUNCEMENT] Re: Updated: OpenSSH-3.4p1-1 Reply-To: cygwin AT cygwin DOT com Message-Id: <20020627163858.AE8BD1B5E3@redhat.com> Date: Thu, 27 Jun 2002 12:38:58 -0400 (EDT) On Wed, Jun 26, 2002 at 06:50:10PM +0200, Corinna Vinschen wrote: > I've updated the version of OpenSSH to 3.4p1-1. > > This is a official bug fix release. > > Note that the Cygwin source differs in one file from the official > source since a last minute patch of the official OpenSSH maintainers > did break privilege separation for Cygwin again :-( So the Cygwin > source archive contains a patched sshd.c. Since that message wasn't as clear as I hoped, I have to add the following text: The code added by the OpenSSH maintainers checked the /var/empty directory for ownership 'root'. This is obviously not useful on Cygwin. The Cygwin version modifies that test so that if /var/empty resides on a FAT or FAT32 filesystem, or if ntsec is not activated, the ownership isn't tested at all. If /var/empty is on a NTFS filesystem and ntsec is switched on, the ownership is checked against the user running sshd. Hint: If sshd is started as service under SYSTEM account, the ownership is checked to be SYSTEM... Any further question as usual to cygwin AT cygwin DOT com. Please don't send private email. -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin AT cygwin DOT com Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/