[cvsnt] Re: cygwin ssh server and author being set to SYSTEM
Pavel Goran
pvgoran.ml at macondo.ru
Wed Jan 7 17:22:28 GMT 2004
>> If you allow users to login without passwords in that way, once that
>> package is on the system it's a potential wide open security hole...
>
> Yes, unfortunately. IIRC there were also other issues, like breaking
> compatibility with the way cygwin currently handles user groups.
>
> I guess a secure SSH server would have to pass the public key to the
> authentication module, which would have to verify it against the user's
> private key, which would have to be stored in a secure location.

The authentication module could just check if the calling process has
enough privileges to use NtCreateToken() and impersonate a user via
the obtained access token - that is, if the process can make use of
the currently used (in CygWin) "broken" impersonation. If this is the
case, the authentication module could safely proceed with doing
whatever is needed for "normal", non-broken impersonation.

Pavel Goran