bash/rlogin can get user id different from NT login.
Sat Dec 8 04:40:00 GMT 2001
On Fri, Dec 07, 2001 at 05:20:58PM -0500, Fletcher, Bob (GEAE, EB&TS) wrote:
> Consider the following passwd under cygwin: (1.3.)
> Note that user1 and user2 two have the same UID. (!)
> If I log in to W2000 as user2, and start bash, it thinks that I am user1.
> If user1 was silly enough to
> myhosthame user1
> or god forbid
> + user1
> in a Unix .rhosts file, I will have access to that account.
That's a problem of rhosts authentication. It's a wide open
security leak. Better use ssh with password or pubkey authentication.
> I suppose that the simple answer is "don't do that!". You have to keep
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:email@example.com
Red Hat, Inc.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
More information about the Cygwin