This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: CYGWIN/BASH CHMOD on W9x.


Hello Brian and Thorsten,   :) :)  


Brian,,,I'll take a look at IIRC!  THANKS for the info!

More comments at the appropriate places below!
 

-------------- Original message from "Brian Bruns" : -------------- 
> On Monday, June 21, 2004 3:43 PM [EDT], jglong3@att.net 
> wrote: 
> 
> > 
> > 3. Or, has someone been succesful to chmod with a W9x environment 
> > ???? 
> 
> 
> IIRC (and I could be wrong, since its been a while since I've worked 
> with Cygwin under a non NT based system), Win9x/ME has no security hooks 
> or controls that would make this kind of control possible - partially 
> because of the limited subset of Win32 support in them, and partially 
> because of lack of support for NTFS. 
> 
> 
> But, like I said, I could be wrong, and things might have changed. 
> 

OK Brain,,,,THANKS for your time, help, and advise!!!

> -- 
> Brian Bruns 
> The Summit Open Source Development Group 
> Open Solutions For A Closed World / Anti-Spam Resources 
> http://www.sosdg.org 
> 
> The Abusive Hosts Blocking List 
> http://www.ahbl.org 
> 
> 


------- Original message from " Thorsten Kampe " : -------------- 

>> > FYI,,,,Please be patient,,,,I am a NEWBIE using the CYGWIN/BASH 
environment. I 
did use UNIX, but that was many years ago (pre 1985) and I have a lot to 
re-learn.

>>FYI, please use linebreaks at about 70 characters otherwise your
reader has to scroll (and probably won't read what you wrote)
 

OK, Thanks---- I'll keep this in mind!!!! :)


>>> CYGWIN/BASH dated 5/25/2004 Version 1.5.10-3 was installed to a W98 machine 
and all is woking great. The install was a minimum CYGWIN/BASH for using SSHD 
and SSH.
>>> 
>>> On this W98 machine an attempt to chmod for directories and files to try and 
prevent users from crossing over to other user's directories was not successful. 
And, after looking at some Archives it was found that this cannot be done on a 
W9x type machine. 
>>> 
>>>    1. The articles were dated circa 2002 and I was curious if this had 
>>>       ever become an issue to implement in the CYGWIN/BASH 
>       environment for W9x, or is this a dead issue for W9x machines????

>>Ask Microsoft. If you really would care, you wouldn't use Windows 98,
>>would you? Cygwin can neither reinvent nor circumvent the security of
>>the operating system. So if Windows has none, Cygwin has none.
 
It is understood that W9x systems do not provide 
directory/file security! We do care and encourage 
clients to upgrade. However, when the situation 
does not allow for an upgrade you have to do what 
you can. And, trying to talk to Microsoft is like 
talking to a "STUMP".
However, you can get their attention if you find 
a vulnerability in their Network type code and 
publish it with just a CC to Microsoft. It was 
encouraging when they offered an online security 
and criticle upgrade environment. Even this 
seems to be ok for W98 for a while to come.

The ssh/sshd environments sets up a remote login 
session that does some a good username/password 
protection even on the W9x environments! Also, 
a "ls -al" shows the proper owner/group of the 
user logged in as expected based on the contents 
of the passwd and group files. It was hoped since 
this was true then some routine/function in BASH 
could be modified similar to the suggestion in the 
Nov 200 article by Corinna Vinschen and that this 
change would honor this users owner/group to 
prevent the user from changing to ANY directory 
out-side that user's main (user's root) directory.

Now that I take another look at the CYGWIN User's 
Guide with respect to NTSEC and NTEA relative to 
this article it appears the article is 
relative to NT+ 
(????).


>>> An article dated Nov. 200, Re: fetchmail by Corinna Vinschen was found that 
described how to do this for a W98 with a fetchmail environment. The direction 
discussed a change in the fetchmail environmment for the function 'check-ntsec' 
in the source code file 'cygwin_util.c'. The environment here is low on 
resources for any compiler/linker type environment and as a result does not 
contain the CYGWIN source code or the compile/link capability with any c, c++, 
or API to create *.exe or *.dll files.
>>> 
>>>   2.  However, given the minimal environment that was delivered can 
>>>       a CYGWIN/BASH source code file change accomplish the 
>>>       security check with a recompile/link?????

>>See above.

>>> If so, then a machine will be found with resources so that this can be 
accomplished.
>>> 
>>>  3. Or, has someone been succesful to chmod with a W9x environment ????

>>There is no security under Windows 9x. It would be possible to fake it
- but it would be a fake security.


The cygwin environemnts variable ntsec and ntea seem 
to be the way for the NT SP4 and Windows 2000.

I have not used it at this time and cannot make any 
pro/con statements about the article on the web 
at http://www.devguy.com/fp/scp/. But,  even 
the RunSCP offering of OpenSSH requirements is 
for NT SP4 and Windows 2000 type systems. 
Plus, it seems that any offering of OpenSSH 
that protects directories and files 
for users points to a NT SP4 and Windows 2000 
type systems.

In this case, and at this time, it is not possible 
to upgrade for many valid reasons. :-|


Thanks for your time, help, and advise!    :) 

Jerry

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]