This is the mail archive of the
mailing list for the Cygwin project.
Re: login: no shell: /bin/bash: Permission denied
Corinna Vinschen wrote:
> On Wed, Mar 06, 2002 at 11:12:11AM -0800, Andrew DeFaria wrote:
>>You imply that somebody has the ability to change user context! If so
>>then who is that somebody (USER)?
> I have to tell that each week (day?) again, apparently. It's SYSTEM.
Sorry, I saw that the very next post. So then is it possible to login(1)
as SYSTEM then use login(1) to switch user? Probably not because you
(i.e. not the other user nor SYSTEM) can't use login to switch user to
OK then, seems to me that su might be implementable by using a service
that runs as SYSTEM and takes requests to switch user from user A to
user B. Possible?
>>It's my understanding that the only thing(s) that use login are things
>>Frustrated by the lack of su(1M)!
> Did you ever try to understand NT security?
Only briefly I glanced over it. Honestly I do not wish to be an NT
> Otherwise you would
> know know the cause for this restriction. It's exceptionally not
> because we're mean!
Did I say you were mean?
>>Oh, BTW, here's a potential security problem:
>>$ rsh hosta id
>>uid=1370(adefaria) gid=513(Domain Users) groups=0(Everyone),512(Domain
>>$ rsh hosta -l otheruser id
>>uid=1269(otheruser) gid=513(Domain Users) groups=0(Everyone),513(Domain
>> How did I rsh as another user and not be prompted for a password?
> Because you have an .rhosts file? I assume you know how rsh
> works on U*X systems, don't you?
No need to get condesending here Corinna! I know how rsh works! My first
shot at it had a ~/.rhosts file but just before I posted I said to
myself that I should verify this is still a problem without a ~/.rhosts
so I moved it aside and reproduced exactly the same problem.
Regardless, to me it's still would be a large security hole if all one
needs to do is:
$ echo "+" > ~/.rhosts
to be able to abuse rsh to do something under somebody else's user ID is
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html