Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Message-ID: <021301c234eb$a8d6bf00$0100a8c0@wdg.uk.ibm.com> From: "Max Bowsher" To: References: <20020725170413 DOT 3469 DOT qmail AT sources DOT redhat DOT com> <005d01c23417$27a656e0$0100a8c0 AT wdg DOT uk DOT ibm DOT com> <20020726102233 DOT V3921 AT cygbert DOT vinschen DOT de> Subject: Re: Future ntsec-detection problem in sshd (Re: winsup/cygwin ChangeLog security.cc) Date: Fri, 26 Jul 2002 22:23:45 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Corinna Vinschen wrote: > On Thu, Jul 25, 2002 at 09:09:16PM +0100, Max Bowsher wrote: >>> CVS Log message: >>> * security.cc (allow_ntsec): Default to on. >> >> A good idea, but I just want to mention a problem that will >> eventually arise with sshd. >> >> It currently checks whether ntsec is enabled by examining the CYGWIN >> environment variable. This means that if ntsec is defaulted to on, >> without ntsec appearing in the CYGWIN env var, that code now >> requires reworking. The location of this now-problematic code in ssh >> is check_nt_auth in file openbsd-compat/bsd-cygwin_util.c. > > Thanks for the heads up. I have to add a version check then. Perhaps is would be better to add a 'bool is_ntsec_enabled();' function to cygwin1.dll? Max. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/