This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Future ntsec-detection problem in sshd (Re: winsup/cygwin ChangeLog security.cc)


On Fri, Jul 26, 2002 at 10:23:45PM +0100, Max Bowsher wrote:
> Corinna Vinschen wrote:
> > On Thu, Jul 25, 2002 at 09:09:16PM +0100, Max Bowsher wrote:
> >>> CVS Log message:
> >>> * security.cc (allow_ntsec): Default to on.
> >>
> >> A good idea, but I just want to mention a problem that will
> >> eventually arise with sshd.
> >>
> >> It currently checks whether ntsec is enabled by examining the CYGWIN
> >> environment variable. This means that if ntsec is defaulted to on,
> >> without ntsec appearing in the CYGWIN env var, that code now
> >> requires reworking. The location of this now-problematic code in ssh
> >> is check_nt_auth in file openbsd-compat/bsd-cygwin_util.c.
> >
> > Thanks for the heads up.  I have to add a version check then.
> 
> Perhaps is would be better to add a 'bool is_ntsec_enabled();' function to
> cygwin1.dll?

Perhaps.  OTOH I'd have to load that function dynamically inside of
sshd so that it still runs on older versions of the Cygwin dll.  And
if the function doesn't exist, I'd have to check ntsec still using
the old method.  Hmm.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]