This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: security with the ftp daemon
On Tue, Jan 22, 2002 at 10:18:01AM +0900, Dylan Cuthbert wrote:
> Thanks, you were right, I regenerated the groups file and it returned to
> being secure again - it seems a bit dangerous to default to admins group,
> maybe better if it defaults to guest or something along those lines?
Security wasn't one of the design goals of Cygwin originally. The
reason for using admin as fallback was to ensure that applications
still run even if some settings are broken. That's obviously not
the problem when explicitely switching user context. See
http://cygwin.com/ml/cygwin/2002-01/msg01190.html
for a current discussion of related problems. I'm going to switch
over to no default at all.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/