Logging-in using ssh elevates the user privilege.
Corinna Vinschen
corinna-cygwin@cygwin.com
Wed Mar 6 16:17:00 GMT 2019
On Mar 6 17:15, Corinna Vinschen wrote:
> On Mar 7 01:00, Takashi Yano wrote:
> > Hello,
> >
> > I would like to report a problem of recent cygwin.
> >
> > If a user logs in via ssh, the user aqcuires the elevated
> > privilege if the user belongs to Administrators group.
>
> This is by design, and this is no new behaviour. As soon as an admin
> account logs in, seteuid uses the elevated token. Cygwin is doing that
> since 2015.
Actually, since 2010.
>
> After all, from an ssh session there would be *no* chance to run
> administrative tasks if the user would only get a non-elevated token.
> There's no way to switch to the elevated token from an ssh session.
Corinna
--
Corinna Vinschen
Cygwin Maintainer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20190306/5f4737ea/attachment.sig>
More information about the Cygwin
mailing list