X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:references:in-reply-to:subject:date :message-id:mime-version:content-type:content-transfer-encoding; q=dns; s=default; b=IXryc9qt12zAw7Dw6P0Uf+8/h+kx/NAuLiWhYMS+WJk 7sIsS2Yah5sJR99YpBYHQlZ/Ld6ouYOBzAc4ud+TbxaAJbs9XBJuqdQ/LH7cs+Lb 1OWHdlNzsAKZHn/5Cdj7YZ9WeZod57ZRykS17LD1uFjBRjF3qz72juih8H7AD0Yg = DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:references:in-reply-to:subject:date :message-id:mime-version:content-type:content-transfer-encoding; s=default; bh=n6n/266+4EzaZvZsM7Mzfonf8t0=; b=YhRI2SEZZSeaULQyv LJ+FFD08Ly9xoidOLeTOUn51umQ+upYo3PuPgJMu4CsFiWcmzpL1NYVfpoqY0yiN eTMIe3lQ/uD2vOdNVGHH/Lo02u3QSae39fb455b3MyJBWUSx64NA4ukjcDwg6kvF iHgBldVfxYA5lOS7QDllZYVqHA= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=4.9 required=5.0 tests=AWL,BAYES_50,CYGWIN_OWNER_BODY,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD,SPF_PASS autolearn=no version=3.3.2 spammy=H*i:sk:CACoZoo, H*f:y-woPP9j-huBwT, H*i:sk:wSpjUAk, H*f:sk:wSpjUAk X-HELO: resqmta-po-09v.sys.comcast.net From: "David Willis" To: References: <019c01d163bc$fe2fc500$fa8f4f00$@comcast.net> <019e01d163c2$d678c7e0$836a57a0$@comcast.net> In-Reply-To: Subject: RE: Possible Security Hole in SSHD w/ CYGWIN? Date: Sat, 13 Feb 2016 12:04:53 -0800 Message-ID: <023e01d16699$cdac5df0$690519d0$@comcast.net> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" X-IsSubscribed: yes Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id u1DK59JH001590 Thanks for taking the time to reproduce this - so now I know its not just me :) And to your point about connecting with a local path vs. a network path, I noticed that too - permissions are correct when accessing anything locally, but when accessing via a network path (even if it is to your own machine), will reproduce this issue. Can any developers weigh in as to where the core of the problem might lie and/or how it would possibly be fixed? Thanks, David -----Original Message----- From: cygwin-owner AT cygwin DOT com [mailto:cygwin-owner AT cygwin DOT com] On Behalf Of Erik Soderquist Sent: Friday, February 12, 2016 5:04 PM To: cygwin AT cygwin DOT com Subject: Re: Possible Security Hole in SSHD w/ CYGWIN? With the precise steps listed/demonstrated, I've reproduced it I connected with ssh as a normal user using a private key, and cd'd to //server/c$/ successfully, and in the Windows active sessions, it does indeed show "cyg_server" as the connected user, not the user I logged in with. Trying this using a password rather than a private key behaves as expected. Taking this a step further, I created a new directory from Windows Explorer and reset the permissions to explicitly deny access to the normal user I tested with. Then I tried to cd to /cygdrive/c/access_denied_test/ and received the expected access denied message, but when I tried to cd to //server/c$/access_denied_test/ I succeeded, and was able to create new files in the directory. I can provide screen shots of the reproduction without the need to redact quite so much. -- Erik -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple