This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: Cygrunsrv and special Windows virtual accounts "NT SERVICE"


> http://cygwin.com/ml/cygwin/2012-12/msg00154.html

Thanks.

> I'm wondering if it's such a bright idea to use a NULL password based on
> a check for a certain domain.  That's practically guaranteed to break
> at one point again.

I donât think Microsoft is going to drop "NT SERVICE\" in any near future
(they've just had the feature introduced!).  This is the only domain that
needs to be treated specially (for now).

> !pass || pass[0] == '\0'

MSDN says that password-less accounts must provide an empty string
(and it does not mention NULL).  More cumbersome logic can involve
checking for both the special domain and empty/NULL password (as above),
resulting in NULL lpPassword only when both checks have been met.

> what about something like `-w NULL'?

I would not vote for this.  This precludes that the string "NULL" cannot
be used as an otherwise regular password.

Anton Lavrentiev
Contractor NIH/NLM/NCBI	


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]