This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Windows rights

From: Christophe Delarue <Christophe dot Delarue at reuters dot com>
To: cygwin at cygwin dot com
Date: Fri, 24 Jun 2005 17:54:12 +0200
Subject: Re: Windows rights

Sorry for formatting I'm not familiar with outlook ... I prefer
emacs-vm.

Having a inetd for my account on the server is may be a solution. As
various user could do this remote compilation, I have to install various
inetd service, one per user ... 

I tried sshd.
The ssh-agent refuses to take the sshd files ~/.ssh/id_rsa since they
are world readable -rw-r--r--. 
Any chmod on this network files does not work. My Home is on the network
as generated with mkpasswd.
The use of ssh force me to use local /home/<login> directory.

With this settings I loose all initialization done in the network HOME
directory.

I think I'll use the inetd per user ... 

I'll send what I definitely will use.

Thank's for help. 

-----Original Message-----
From: Igor Pechtchanski [mailto:pechtcha@cs.nyu.edu] 
Sent: Thursday, June 23, 2005 18:03
To: Christophe Delarue
Cc: cygwin@cygwin.com
Subject: Re: Windows rights

Ugh.  Top-posting.  Reformatted.  BTW, there was no need to Cc: me, I
read the list.  Please make sure your mailer respects the Reply-To:
header.

On Thu, 23 Jun 2005, Christophe Delarue wrote:

> -----Original Message-----
> From: cygwin-owner@XXXXXX.XXX On Behalf Of Igor Pechtchanski
> Sent: Thursday, June 23, 2005 15:14
> To: Christophe Delarue
> Cc: cygwin@XXXXXX.XXX

<http://cygwin.com/acronyms/#PCYMTNQREAIYR>.  Thanks.

> Subject: [spam] Re: Windows rights
>
> > Same problem in both cases.  Read all of 
> > <http://cygwin.com/cygwin-ug-net/ntsec.html>, especially the part 
> > titled "Switching User Context", carefully.
>
> Thank's for your answer
>
> My server is Ms 2000.
>
> I read the url you gave me (I have allready read). I do not well 
> understand the section switching user context
>
> Does the second paragraph "On NT and Windows 2000 the SYSTEM user has 
> these privileges and can run services such as sshd." says that I 
> should run the services as SYSTEM and not LocalSystem ?

No, SYSTEM and LocalSystem are two names for the same user.  It's known
as SYSTEM in Cygwin, but Windows calls it LocalSystem.  Perhaps the
above link should be amended to clarify this.

> Do the third paragraph
>
> " An important restriction of this method is that a process started 
> without a password cannot access network shares which require 
> authentication. This also applies to subprocesses which switched user 
> context without a password. Therefore, when using ssh or rsh without a

> password, it is typically not possible to access network drives"
>
> Means it is impossible to access any network drives without explicit 
> login ?

Sort of.  It is impossible to access network drives that require
authentication without an explicit login.

> Is there a method to rsh on a windows machine without password and 
> access network drives ?

If you use rsh, you might as well do what's suggested in the FAQ entry
that Larry pointed you to and make your shares world-readable, since
security is completely shot anyway.

If you decide to switch to ssh, I think you can use ssh-agent to
password-authenticate without having to type in your password every
time.
I haven't used ssh-agent much, so I don't recall the exact recipe for
starting it.  Read the documentation or ask for help somewhere else (I
doubt any usage questions will be Cygwin-specific).
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"The Sun will pass between the Earth and the Moon tonight for a total
Lunar eclipse..." -- WCBS Radio Newsbrief, Oct 27 2004, 12:01 pm EDT

----------- -----------------------------------------------------
        Visit our Internet site at http://www.reuters.com

To find out more about Reuters Products and Services visit http://www.reuters.com/productinfo 

Any views expressed in this message are those of  the  individual
sender,  except  where  the sender specifically states them to be
the views of Reuters Ltd.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Follow-Ups:
- Re: Windows rights
  - From: Igor Pechtchanski

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]