:
> On Feb 16 20:55, David Willis wrote:
> > First let me say that I'm not too well-versed in coding and the ins
> > and outs of how processes utilize credentials when they are spawned.
> > However, the jist of it seems to be that if there are no credentials
> > s
First let me say that I'm not too well-versed in coding and the ins and outs
of how processes utilize credentials when they are spawned. However, the
jist of it seems to be that if there are no credentials saved with passwd -R
to replace the current user token with that of the user that is SSH'd in
Also, just wanted to respond to this one piece of the message to clarify -
The only change I made to what ssh_host_config does is to use the existing
domain admin account cyg_server rather than creating a new local admin
account (and it actually detects it automatically if it exists already so
this
are access
with that account's privileges.
Thanks,
David
-Original Message-
From: cygwin-ow...@cygwin.com [mailto:cygwin-ow...@cygwin.com] On Behalf Of
Erik Soderquist
Sent: Saturday, February 13, 2016 4:34 PM
To: cygwin@cygwin.com
Subject: Re: Possible Security Hole in SSHD w/ CYGWIN?
On
First of all, it is one thing to ask me why I have set this up the way I did
- its another to tell me I've set it up "wrong", especially without known
the ins and outs of my domain and network.
> You still do not seem to have understood what
>
> https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-
Thanks for taking the time to reproduce this - so now I know its not just me :)
And to your point about connecting with a local path vs. a network path, I
noticed that too - permissions are correct when accessing anything locally, but
when accessing via a network path (even if it is to your own
share instead, and specify user credentials to do so).
Thanks,
David
-Original Message-
From: cygwin-ow...@cygwin.com [mailto:cygwin-ow...@cygwin.com] On Behalf Of
David Willis
Sent: Tuesday, February 09, 2016 9:21 PM
To: cygwin@cygwin.com
Subject: RE: Possible Security Hole in SSHD w/
:57 PM
To: cygwin@cygwin.com
Subject: Re: Possible Security Hole in SSHD w/ CYGWIN?
On 9 February 2016 at 21:39, David Willis wrote:
> Just to add an update to this, it appears that processes run from the
> shell while logged into the CYGWIN SSHD server are run as the correct user
- i.e.
Just to add an update to this, it appears that processes run from the shell
while logged into the CYGWIN SSHD server are run as the correct user - i.e.
I run a ping or cat a file and pipe it to less, and check Task Manager on
the SSHD server, and those processes show as being run as the user I SSH'
Sorry for starting a new thread w/ the reply, forgot to subscribe before
posting my question yesterday...
Thanks for getting back so quickly
Yes, I have read that page pretty much from top to bottom, and as far as I
know I have configured sshd and the user accounts correctly. I have a
non-privile
Hello,
I noticed that when connecting via SSH to a CYGWIN-based SSHD server, if the
user connects to a network share (i.e. they CD to the share UNC path in the
BASH/CYGWIN shell), they get connected as the privileged server user account
created for privilege separation when SSHD is configured w/ s
11 matches
Mail list logo
