From: | Dan Holmsand <dan(at)eyebee(dot)com> |
---|---|
To: | Jason Tishler <jason(at)tishler(dot)net> |
Cc: | pgsql-cygwin(at)postgresql(dot)org |
Subject: | Re: Initdb fails... Again! |
Date: | 2003-01-28 00:00:11 |
Message-ID: | 3E35C80B.2040407@eyebee.com |
Lists: | pgsql-cygwin |

Jason,

Really sorry to be stubborn, but I happen to think that this is an
interesting subject...

Jason Tishler wrote:

> You *can* log on as LocalSystem via ssh:

I know. The disadvantage is of course that anyone that can run as me
also gets access to LocalSystem without any password checks at all.

> There is also cmdasuser:
>
> http://www.develop.com/kbrown/security/sample_cmdasuser.htm
>
> which can switch user to LocalSystem too.

Wow. That's scary! That actually shows that running as a member of
Administrators is pretty much exactly as dangerous as running with
"Create a token object" etc. privileges, since they obviously can be so
easily acquired.

Anyway, cmdasuser doesn't work very conveniently for me: I'm not a
member of "Administrators" (for security reasons). Even if I was, it
feels like a pretty big security risk just to have that kind of thing
lying around :-). And it doesn't work remotely. Also, it has a nasty
habit of killing child processes on exit, so "/etc/rc.d/init.d/sshd
restart" is a small disaster...

>> Unless such programs are really, really carefully ported to Cygwin,
>> you get a security hole when running them as uid 18 (i.e. "SYSTEM").
>
> Then those ports (e.g., apache) are broken and should be fixed. For
> example, my fetchmail, procmail, and vsftpd ports recognized uid 18 as
> the root uid and behave accordingly.

Now that's a really good argument. In particular, my running as uid 0
breaks "correctly ported" apps in this regard. OTOH, I maintain that
getting this 100% right is non-trivial, since it is quite untestable.

If Cygwin's intention is that uid 18 should be equivalent to Unix' uid
0, then why on earth is Local System uid 18?

>> 4) It just feels a bit more unixy :-)
>
> I guess so, but when in Rome... :,)

Hmm. I always thought the whole purpose of Cygwin was to save me from
the evils of Rome (or Redmond, to be a bit more precise). ;-)

/dan