managing /etc/passwd

Michael Czapski MCzapski@openplus.com.au
Wed Sep 30 01:02:00 GMT 1998


On Tuesday, September 29, 1998 2:18 AM, Steve Morris [SMTP:sjm@frodo.page] 
wrote:
>
> I just got inetd partially working on my NT box and discovered that I have no
> security. As directed in a post by Sergey found in the archives I initially
> created my passwd file with:
>
> % mkpasswd -l -g >/etc/passwd
>
> I didn't look too closely at this file until I notice that there was no
> password checking on ftp. Then I noticed that the password fields in
> /etc/passwd are empty. I tried to create password entries with the passwd
> command but it prints every line in the passwd file followed by "; not
> found."
> Exactly what is not found is not clear but it isn't found for any user.
>
> Needless to say this is probably not adequate security and I would like to
> repair this situation quickly. Where have I gone wrong? Others must have
> blown
> poast this step without similar problems. The archives got me this far but I
> don't see this specific problem. I don't find the word passwd in the FAQ.
>
> How do I add passwords to passwd?
>
Hello Steve,
Whilst I don't know what login.exe you are using I do know that the login 
program from Sergey's site verifies the user against Windows NT security 
database using LogonUser API call.  This is what that call does:
----
The LogonUser function attempts to perform a user logon operation. You specify 
the user with a user name and domain, and authenticate the user with a 
clear-text password. If the function succeeds, you receive a handle to a token 
that represents the logged-on user. You can then use this token handle to 
impersonate the specified user, or in most cases, to create a process running 
in the context of the specified user.
----
So, don't put passwords into your /etc/passwrd file; do use the right login 
program.
In so far as ftp is concerned why not use the ftp server that comes with MS IIS 
?

------------------
Cheers ...
Michael Czapski


-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".



More information about the Cygwin mailing list