Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-developers-owner AT cygwin DOT com Delivered-To: mailing list cygwin-developers AT cygwin DOT com Date: Tue, 22 Oct 2002 14:19:47 -0400 From: Christopher Faylor To: cygwin-developers AT cygwin DOT com Subject: Re: Avoiding /etc/passwd and /etc/group scans Message-ID: <20021022181947.GA4729@redhat.com> Reply-To: cygwin-developers AT cygwin DOT com Mail-Followup-To: cygwin-developers AT cygwin DOT com References: <3DB416E7 DOT 99E22851 AT ieee DOT org> <20021021162246 DOT GC15828 AT redhat DOT com> <20021022162432 DOT GF514 AT redhat DOT com> <3DB58CBD DOT 87B2BDD8 AT ieee DOT org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3DB58CBD.87B2BDD8@ieee.org> User-Agent: Mutt/1.5.1i On Tue, Oct 22, 2002 at 01:37:01PM -0400, Pierre A. Humblet wrote: >Christopher Faylor wrote: >> >> I've checked this in. If this solves the majority of the ntsec complaints, >> I may even send you a medal. >> >> If I had any idea that turning on ntsec by default would cause this much >> pain, I don't think I would have considered it. > >Thanks. By the way the patch can be tested by screwing up the passwd file. >Delete your sid or (more simply) add a "," at the end. Everything should >still work as before for you, if your Windows name == Cygwin name, except >you will be unable to ssh into the system. >You can also delete your passwd entry altogether. > >I keep watching the list and I have identified other solvable >issues. I have fixes, but they are more substantial than this patch. >I was going to to submit them after Corinna comes back, as they >overlap the uid == gid patch I had sent just before she left. I'll provide you with ssh access to sources.redhat.com if you want to accumulate your patches on a branch and maybe even offer your own "snapshots". I really didn't anticipate the level of difficulties that are showing up in the cygwin mailing list wrt ntsec, so I'd like to get them solved. I'm thinking that if we can get some stuff tested before Corinna returns then maybe it will make her job a little easier. Barring that, if you could offer some assurance, on the cygwin mailing list, that you're looking into the bugs, that would be helpful. Then, at least, people will realize that their complaints aren't falling on deaf ears. cgf