This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: sshd and fstat


On Thu, 17 Jan 2002 14:49:28 GMT, swamp-dog@ntlworld.com (Guy Harrison)
wrote:

I'm pleased to be able to report some progress! I've located where the
key difference lies between sshd running as an NT service and sshd
running in just about any other fashion.

<security.cc>
 	1236	int
 	1237	get_file_attribute (int use_ntsec, const char *file,
 	1238			    int *attribute, uid_t *uidret, gid_t
*gidret)
	1239	{
 	1240	  int res;
 	1241	
-	1242	  if (use_ntsec && allow_ntsec)
 	1243	    {
-	1244	      res = get_nt_attribute (file, attribute, uidret, 
                             gidret);
-	1245	      if (attribute && (*attribute & S_IFLNK) == 
                             S_IFLNK)
-	1246		*attribute |= S_IRWXU | S_IRWXG | S_IRWXO;
-	1247	      return res;
 	1248	    }
 	1249
        1250      if (uidret)
        1251        *uidret = getuid ();
        1252      if (gidret)
        1253        *gidret = getgid ();
	1254
</security.cc>

In almost all circumstances 'allow_ntsec' is true. No problem - sshd
correctly obtains the permissions on the client's $HOME/.ssh/*keys.

The single circumstance in which 'allow_ntsec' is false, is when sshd is
running *directly* as a service: in other words, as it is designed to.


Could someone enlighten me about 'allow_ntsec'. How does CygWin turn
this on?

TIA

-- 
swamp-dog@ntlworld.com

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]