This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Login & Something diff since cygwin 1.5.15-1 release - could it be security changes that were made
On Jun 6 17:02, Brian Keener wrote:
> Thanks for the response. 1.5.17 doesn't correct it either. I have tried each
> release since 1.5.14 and and always end up rolling back to 1.5.14.
I realized you're using W2K and now I'm mildly confused.
I just tried it on W2K and I'm unable to use login on the command line.
This is not actually a surprise, since the function which is used to get
a logon token, LogonUser, requires a user privilege (SeTcbPrivilege),
which isn't held by any user other than SYSTEM. This requirement has been
dropped in XP and 2K3, but it's required on 2K and, AFAIK, on NT4.
The result should be that login always fails on the command line, unless
you gave the SeTcbPrivilege to your account, which, btw, is not a good
idea.
I'm confused, because this should not have change between 1.5.14 and 1.5.15
and when I try this with 1.5.14, login still fails for me, as I'd expect.
What I don't get is, why this works for you with 1.5.14 and before.
Can you please revert to 1.5.14, call `strace -o log.out login briank',
login, and send the log.out file to this list? But please, be careful!
The log file will contain your password at one point,m in a line with
the word "LogonUserA". Overwrite it with some random string before
sending the file content to this list.
Thanks,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader mailto:cygwin@cygwin.com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/