Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <005d01c23417$27a656e0$0100a8c0@wdg.uk.ibm.com>
From: "Max Bowsher" <maxb AT ukf DOT net>
To: <cygwin AT cygwin DOT com>
References: <20020725170413 DOT 3469 DOT qmail AT sources DOT redhat DOT com>
Subject: Future ntsec-detection problem in sshd (Re: winsup/cygwin ChangeLog security.cc)
Date: Thu, 25 Jul 2002 21:09:16 +0100
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

> CVS Log message:
> * security.cc (allow_ntsec): Default to on.

A good idea, but I just want to mention a problem that will eventually arise
with sshd.

It currently checks whether ntsec is enabled by examining the CYGWIN environment
variable. This means that if ntsec is defaulted to on, without ntsec appearing
in the CYGWIN env var, that code now requires reworking. The location of this
now-problematic code in ssh is check_nt_auth in file
openbsd-compat/bsd-cygwin_util.c.

Max.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/