This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: 1.7.1: problem with public key authentication on domain accounts


Larry Hall (Cygwin <reply-to-list-only-lh <at> cygwin.com> writes:

> 
> On 01/04/2010 06:18 PM, Thomas Nisbach wrote:
> > Bob Burger<burgerrg<at>  gmail.com>  writes:
> >....
> > Any ideas?
> 
> Are you using LSA?  Have you read the security sections of the Users Guide?
> <http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview>
> 

I just read a lot in the guide, since it was hardly recommended before 
updating to 1.7.1-1. After reading the security section I am quite sure I 
never runned cyglsa-config (/bin/cyglsa also does not exist).

> > PS: I stopped Google Desktop (known as application from BLODA list), but 
this
> > was not the problem.
> 
> BLODA is often not removed from having an effect without uninstalling the
> offending package.  I can't say whether that's a requirement for Google
> Desktop however.
> 
There was a thread at Google (http://groups.google.com/group/Google-
Desktop_Something-Broken/browse_thread/thread/0dabf807fbdf2d7f) I 
participated. We found, that in Google Desktop v5.8 the additional preloading 
of DLLs into any app's memory corrupted cygrunsrv (probably at fork()). 
Stopping GD and renaming the regkey 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion 
\Windows\AppInit_DLLs was enough to make cygrunsrv/sshd running - no 
deinstallation/reboot was necessary. This was exactly what I've done this 
time - even I now run GD v5.9, which operated fine with cygrunsrv/sshd until I 
updated to CYGWIN v1.7.1.

Additionally I found a problem with /var/empty permissions when using SSH 
privilege separation (also worked before). Even when I chmod 711 /var/empty, 
create a 'root' user and chown root:root /var/empty I get '/var/empty must be 
owned by root and not group or world-writable'. I entertain suspicion that 
there happened something stupid with the filesystem permissions for processes 
running as SYSTEM and/or background process...

(I will probably not be back till Wednesday)






--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]