This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: su questions
- From: "Pierre A. Humblet" <Pierre dot Humblet at ieee dot org>
- To: Rodrigo Serra <rmserra at fibertel dot com dot ar>
- Cc: cygwin at cygwin dot com
- Date: Fri, 04 Apr 2003 16:21:26 -0500
- Subject: Re: su questions
- References: <000001c2faeb$d031ac10$0102a8c0@rmserra.com.ar>
Rodrigo Serra wrote:
>
> Pierre
>
> I create a new user named init, and assigned privileges "Act as part of the
> operating system", "Create a token object", "Log on as service", and
> "Replace a process level token" and the ssh and su with no password prompt
> work!!!
>
> I not understand what happened. In the documentation of openssh mentioned
> the necessary privileges and not indicate "Create a token object" but
> indicate "Increase quotas". This privileges not exists in my Windows .net
>
> Well now setguid works in my Windows .net box.
Great. I don't think you need "Act as part of the operating system",
try removing it to increase security and let us know.
According to MS "Increase Quota" is needed for CreateProcessAsUser
<http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/createprocessasuser.asp>
but your box seems to be special.
Pierre
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/