[PATCH]: Cygwin port of 2.2.0p1

Damien Miller djm at mindrot.org
Tue Sep 5 16:33:11 EST 2000


On Sun, 3 Sep 2000, Corinna Vinschen wrote:

> I have to apologize. My previous patch missed a file :-(
> Attached to this mail you will find the corrected patch _with_
> the missing file.
 
Just going through your patch now. Some questions:

--- There are lots of cases where uid/euid == 0 checks are disabled. 
I assume because Win does not share Unix's root metaphor. Is this 
correct? 

If so, there should be some replacement check to prevent non-admin users 
from doing things like setting up port forwards for ports < 1024, etc.

--- In auth1.c you have: 

/*
 * The only authentication which is able to change the user
 * context on NT systems is the password authentication. So
 * we deny all requests for changing the user context if another
 * authentication method is used.
 * This may change in future when a special openssh
 * subauthentication package is available.
 */

Does this mean the only way to change Windows' equivalent of uid is with
a valid password? 

The code adjacent to the above comment looks like it will disable 
authentication modes other than password, correct? I can't see 
anything similar done for protocol v2 though.

--- Also in auth1.c:

/*
 * check owner and modes.
 * This won't work on Windows under all circumstances so we drop
 * that check for now.
 */

How does it fail? I don't want to _remove_ security checks.

--- In session.c you copy the parent's whole environment to the child. 
Is there any way to limit this to specific variables, or (better still)
initialise them from scratch?

I have made a snapshot with your changes merged + a couple of others 
picked up over the last few days.

http://www.mindrot.org/misc/openssh/openssh-SNAP-20000905.tar.gz

-d

-- 
| ``The power of accurate observation is  | Damien Miller <djm at mindrot.org>
| commonly called cynicism by those who   | @Work <djm at ibs.com.au>
| have not got it'' - George Bernard Shaw | http://www.mindrot.org
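The session.c question above (limit the inherited environment to specific variables, or build it from scratch), worked as an added C example that is not from the patch or from OpenSSH itself: the child's envp is assembled from an allowlist of parent variables plus "NAME=value" strings the server forms from the authenticated account. The allowlist contents and the sample session strings are constructed for this example.

```c
#define _POSIX_C_SOURCE 200809L   /* for strdup() */
#include <stdlib.h>
#include <string.h>

/* Names a child may inherit from the parent. Constructed allowlist for this
 * example, not OpenSSH's own list; sshd would choose these deliberately. */
static const char *const inheritable[] = { "TZ", "LANG", NULL };

/* Nonzero if kv ("NAME=value") names an allowlisted variable. */
static int inheritable_var(const char *kv)
{
    const char *eq = strchr(kv, '=');
    if (eq == NULL) return 0;       /* malformed entry: never pass it on */
    size_t len = (size_t)(eq - kv);
    for (size_t i = 0; inheritable[i] != NULL; i++)
        if (strncmp(inheritable[i], kv, len) == 0 && inheritable[i][len] == '\0')
            return 1;
    return 0;
}

/* Release an envp built by build_child_env(). */
void free_env(char **env)
{
    for (size_t i = 0; env != NULL && env[i] != NULL; i++)
        free(env[i]);
    free(env);
}

/* Build a fresh NULL-terminated envp: copy only allowlisted parent variables,
 * then append `session`, the "NAME=value" strings the server forms itself
 * (HOME, USER, SHELL from the authenticated account). Those names are kept
 * out of the allowlist, so the parent's copies never reach the child. */
char **build_child_env(char *const parent[], const char *const session[])
{
    size_t keep = 0, extra = 0, n = 0;
    for (size_t i = 0; parent != NULL && parent[i] != NULL; i++)
        keep += inheritable_var(parent[i]) ? 1 : 0;
    while (session[extra] != NULL) extra++;
    char **env = calloc(keep + extra + 1, sizeof *env);
    if (env == NULL) return NULL;    /* allocation failure */
    for (size_t i = 0; parent != NULL && parent[i] != NULL; i++)
        if (inheritable_var(parent[i]) && (env[n++] = strdup(parent[i])) == NULL)
            goto fail;
    for (size_t i = 0; i < extra; i++)
        if ((env[n++] = strdup(session[i])) == NULL)
            goto fail;
    return env;
fail:
    free_env(env);      /* slots after the failed one are still NULL from calloc */
    return NULL;
}
```

The resulting array is what the child would be started with (for example via execve); parent variables such as HOME or anything not on the allowlist are simply absent from it.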
