Message-ID: <452FAECD.3000202@cwilson.fastmail.fm>
Date: Fri, 13 Oct 2006 11:20:45 -0400
From: Charles Wilson
To: The Cygwin Mailing List
Subject: Re: Updated: OpenSSH-4.4p1-1
References: <20061004144640 DOT GD25401 AT calimero DOT vinschen DOT de> <20061012071004 DOT GQ13105 AT calimero DOT vinschen DOT de>
In-Reply-To: <20061012071004.GQ13105@calimero.vinschen.de>

Corinna Vinschen wrote:
> On Oct 11 16:20, Wells, Roger K. wrote:
>> When I installed this my previous installation broke and now the sshd
>> server stops immediately when it is started. Any hints will be
>> appreciated.
>> thanks
>
> Maybe that's it: http://cygwin.com/ml/cygwin/2006-10/msg00250.html

This is bad. Suppose I am a cygwin user on a machine to which I do not
have Administrator privileges. Until now, I could run a personal sshd
on a unique port, and connect back to my windows box. Now I can't --
because, as a non-Admin, I can't create the sshd user. (and this use
case is not a hypothetical; I do this on the job often)

I consider this a regression -- and what's worse, IMO the patch that
imposed this new requirement is dead wrong. Here's a fuller quote of
the offending section of the changelog:

 - (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can
   be used to drop privilege to; fixes Solaris GSSAPI crash reported by
   Magnus Abrante; suggestion and feedback dtucker@
   NB. this change will require that the privilege separation user must
   exist on all the time, not just when UsePrivilegeSeparation=yes

My translation: even when UsePrivilegeSeparation=no we are STILL going
to use privsep. And this misfeature will be imposed across all
platforms, just to fix a crash on one platform when using one optional
authentication component.

Not nice, not nice at all.

--
Chuck
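A preflight check for the requirement quoted from the changelog in the message above, as an added example that is not part of the original post or of OpenSSH. It assumes accounts are listed in a passwd-format file and that the privilege separation account is named "sshd"; the function names, sample user and port are constructed for illustration.

```sh
#!/bin/sh
# Added example: report whether the privsep account exists, whatever the
# config says, since the quoted changelog requires it "all the time".

# Print the effective UsePrivilegeSeparation value from an sshd_config file.
# sshd uses the first occurrence of a keyword, matches keywords
# case-insensitively, and defaults this option to "yes".
privsep_setting() {
    awk -F'[ \t=]+' '
        { sub(/^[ \t]+/, "") }
        tolower($1) == "useprivilegeseparation" { print $2; found = 1; exit }
        END { if (!found) print "yes" }' "$1"
}

# Succeed if the passwd-format file has an entry named "sshd" (assumed name).
has_privsep_user() {
    awk -F: '$1 == "sshd" { found = 1 } END { exit !found }' "$1"
}

# preflight PASSWD_FILE SSHD_CONFIG: return 0 if the account exists, else 1.
preflight() {
    setting=$(privsep_setting "$2")
    if has_privsep_user "$1"; then
        echo "ok: sshd account present (UsePrivilegeSeparation=$setting)"
        return 0
    fi
    echo "fail: no sshd account in $1; the 4.4p1 changelog requires it" \
         "even with UsePrivilegeSeparation=$setting"
    return 1
}

# Constructed sample input: a non-admin user's passwd file with no sshd
# entry and a personal config on an unprivileged port.
demo() {
    dir=$(mktemp -d) || return 2
    printf 'user1:unused:1005:513::/home/user1:/bin/bash\n' > "$dir/passwd"
    printf 'Port 2222\nUsePrivilegeSeparation no\n' > "$dir/sshd_config"
    preflight "$dir/passwd" "$dir/sshd_config"
    status=$?
    rm -rf "$dir"
    return $status
}
demo || true
```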