Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Date: Fri, 8 Nov 2002 15:28:10 +0100 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: [ANNOUNCEMENT] Updated: OpenSSH-3.5p1-1 Message-ID: <20021108152810.H21920@cygbert.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.22.1i On Thu, Nov 07, 2002 at 09:23:30AM -0800, Karl M wrote: > The behavior I see now is that if I do > > chown administrators.none /etc/ssh_host_rsa_key* > chmod 777 /etc/ssh_host_rsa_key* > > Then with StrictModes enabled, sshd will start and run just fine (running as > > system). But if I then do > > chown system.none /etc/ssh_host_rsa_key* > > Then sshd fails to start. But I (think I) recall that in the past the > protection had to be tight and the owner had to be system for sshd to start? I checked that and could reproduce it. I talked to one of the OpenSSH maintainers and he confirmed that behaviour as normal. From my point of view it's a security weakness but... Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin AT cygwin DOT com Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/