This is the mail archive of the
cygwin-xfree@cygwin.com
mailing list for the Cygwin XFree86 project.
RE: Xcdroast
- From: Igor Pechtchanski <pechtcha at cs dot nyu dot edu>
- To: cygwin-xfree at cygwin dot com
- Date: Sat, 23 Aug 2003 15:35:17 -0400 (EDT)
- Subject: RE: Xcdroast
- References: <20030823191605.21480.qmail@web10105.mail.yahoo.com>
- Reply-to: cygwin-xfree at cygwin dot com
- Reply-to: cygwin-xfree at cygwin dot com
Sylvain,
You can set up public key authentication for SYSTEM from individual
accounts, which would make it no less secure than password-based
authentication. The SYSTEM user can always switch to any other one
without a password. But this is irrelevant in this case, for two reasons:
1) If you want xcdroast to switch the user context to that of a normal
user, you could try running it as a service using cygrunsrv. Services run
as SYSTEM by default.
2) It's my guess that on Linux only root has access to various low-level
drivers needed to burn CDs. I doubt that Windows has this particular
restriction (it might require administrative privileges, though). It's
very likely that the xcdroast code simply checks whether it's running as
"root" (uid 0) and fails to run otherwise. In this case, you could remove
the check altogether, or change it to something more Cygwin-friendly (see,
for example, the Cygwin-specific patches to inetd and proftpd, to name a
few).
Hope this helps,
Igor
On Sat, 23 Aug 2003, Sylvain Petreolle wrote:
> Igor,
> I have the same setup and dont think that allowing SYSTEM access as
> passwordless
> is a good idea. And this procedure needs a running sshd and/or inetd.
>
> The reason why we need a "su root" is because xcdroast must be run as
> root first to enable the ability to run it as as normal user.
>
> Anyway, I think this can be done via getting it from a linux box and
> doing a chown on it. Will try it and post the result.
> > goal by setting up sshd and allowing passwordless login as "SYSTEM"
> > from your account. You can then do "ssh SYSTEM@localhost".
> >
> > However, there's still a question of *why* you need to "su root".
> > What capabilities of "root" do you need? If you need the ability to
> > switch user contexts, then "SYSTEM" as "root" should be fine. If you
> need
> > to create files owned by "root", then you can make the
> "Administrators"
> > group
> > "root" and simply use "chown".
> > Igor
--
http://cs.nyu.edu/~pechtcha/
|\ _,,,---,,_ pechtcha@cs.nyu.edu
ZZZzz /,`.-'`' -. ;-;;,_ igor@watson.ibm.com
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D.
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster." -- Patrick Naughton