[cvsnt] Reported author problem running cvsnt with cygwin/sshd on Windows Server 2003.

Dwight Schauer dschauer at gmail.com
Fri Oct 6 00:36:42 BST 2006


Tony,

Thanks for your response concerning this issue.

On 10/5/06, Tony Hoyle <tony.hoyle at march-hare.com> wrote:

> This was a solved problem years ago - it's not a cvsnt issue.


Yeah, I did not think it was a cvsnt issue. Thanks for the clarification.

> > If it were up to me (and I know it is not) I'd rather see the GetUserNameA
> > call removed altogether, and the user name gotten from the environment all
> > the time, but there may be other reasons why GetUserNameA is being used.
>
> That would be a security breach.  You can't just have any username in
> there because you can't trust the environment in which the server runs.

I understand.

> In the same way 'sshd_server' is not a guaranteed secure user and cannot
> be safely added as an exception.


I concur.

Alright, so I guess I'll need to try to get it fixed in cygwin/sshd if I
choose to stick with this method of cvsnt user authentication. For now I'll
use my workaround, as on that server I know I was the one who created the
"sshd_s" account.

Dwight

On 10/5/06, Tony Hoyle <tony.hoyle at march-hare.com> wrote:
>
> Dwight Schauer wrote:
> > The user for cygwin sshd on ws2k3 defaults to "sshd_server", not
> > "SYSTEM". In order for key based password-less logins to work on ws2k3
> > cygwin/sshd, a user other than "SYSTEM" must be used. Vista has the same
> > issue, but I don't plan to be running my cvsnt server on Vista any time
> > soon.
>
> Cygwin just needs to use a proper LSA library in the same way that cvsnt
> does it (in fact there's nothing to stop them using the CVSNT one
> really).  I'm very surprised they got the old method to work at all in
> Vista - MS are supposed to have removed the undocumented APIs from the
> public interface.
>
> This was a solved problem years ago - it's not a cvsnt issue.
>
> > If it were up to me (and I know it is not) I'd rather see the GetUserNameA
> > call removed altogether, and the user name gotten from the environment all
> > the time, but there may be other reasons why GetUserNameA is being used.
>
> That would be a security breach.  You can't just have any username in
> there because you can't trust the environment in which the server runs.
>   It's very difficult to start something as SYSTEM unless you're already
> the administrator, so in that case you have a (limited) trust of the
> environment.  For any other user that is not guaranteed to be true.
>
> In the same way 'sshd_server' is not a guaranteed secure user and cannot
> be safely added as an exception.
>
> Tony
> _______________________________________________
> cvsnt mailing list
> cvsnt at cvsnt.org
> http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
>
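To illustrate the point Tony makes above about why a server cannot take its user name from the environment, here is an added PowerShell demonstration (not code from this thread, from cvsnt or from cygwin). It assumes a Windows host with cmd.exe and whoami.exe on the path; the spoofed value 'Administrator' is a constructed string, not a real logon.

```powershell
# Added example, not code from the cvsnt thread or project: shows why a
# server must not take the caller's identity from the environment.
# $env:USERNAME is only a string that the process (or whoever launched it)
# can set; the logon identity in the access token cannot be changed that way.

function Get-EnvUserName {
    # What a server would see if it read the user name from the environment.
    return $env:USERNAME
}

function Get-TokenUserName {
    # Identity from the process access token (what GetUserNameA reports).
    return [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
}

$before = @{ Env = Get-EnvUserName; Token = Get-TokenUserName }

# Anyone who controls the environment can claim to be someone else.
# 'Administrator' is a constructed spoof value, not a real logon.
$env:USERNAME = 'Administrator'

$after = @{ Env = Get-EnvUserName; Token = Get-TokenUserName }

"parent before: env=$($before.Env)  token=$($before.Token)"
"parent after : env=$($after.Env)  token=$($after.Token)"

# A child process (the shape of an sshd-launched cvs server) inherits the
# spoofed environment, but its token still carries the real logon identity.
$childEnv   = (cmd.exe /c 'echo %USERNAME%').Trim()
$childToken = (whoami.exe).Trim()
"child        : env=$childEnv  token=$childToken"

# -ne is case-insensitive in PowerShell, so DOMAIN\user vs user compares fine.
if ($after.Env -ne $after.Token.Split('\')[-1]) {
    'Environment name and token name disagree: only the token is trustworthy.'
}
```

Running it as an ordinary user shows the environment name flipping to the spoofed value in both parent and child while the token name stays the same, which is why cvsnt reads the identity from the token rather than from the environment.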

