This is the mail archive of the cygwin-developers mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: 1st release of an LSA authentication package


On Nov 27 07:37, Brian Dessent wrote:
> Corinna Vinschen wrote:
> > That doesn't happen that often, does it?  We have usually months between
> > releases, so I don't quite see the problem.
> 
> I inferred that Igor was worried that a reboot would be required during
> e.g. ordinary development cycle of developing a new patch against the
> DLL or when trying a snapshot, etc.  I think the workaround there would
> be just not to use LSA auth.

Indeed.  On the bright side, when LSA authentication fails, there's
always the fallback to NtCreateToken.

> > No.  The whole idea of registering and rebooting is to load the DLL
> > at boot time and not to allow to replace it at runtime easily.  The
> 
> Well, I could see making the actual LSA DLL just a small (unchaging)
> stub that LoadLibrary()s and FreeLibrary()s the actual cyglsa DLL as
> needed (or on command), so that it could be replaced and synched with
> the main cygwin1.dll without a reboot.  But that just increases the file

Uh oh.

> count, complexity, and developer workload for no other reason.  (And I'm
> sure there's a security argument too.)

Exactly.  That's why I coupled the authentication DLL to the Cygwin
release.  It's not foolproof of course, but I'd rather see this being
even more coupled than less.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]