current state of credential hopping?
Corinna Vinschen
corinna-cygwin@cygwin.com
Tue Jan 14 10:57:00 GMT 2003
On Mon, Jan 13, 2003 at 10:16:57PM -0500, Igor Pechtchanski wrote:
> Technically, nothing prevents an administrator on a machine from giving
> this permission (called, I *think*, 'Create a token object') to a user
> other than LocalSystem, which will then allow that user to run 'login'
> successfully. It is impractical from a security standpoint, however, to
> give this permission to all users.
Giving it even to one single user is a wide open security hole.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list