This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Setting up user mode cron


>
>
>On Thu, Jan 10, 2002 at 10:45:27AM -0800, Andrew DeFaria wrote:
>
>>limits" to cron. IOW I guess what I'm saying is that *something* should be done (I know you can see this as whining and perhaps it is. But it's whining for a good cause! :-)
>>
>So, why aren't you going to roll up your sleeves and create a really useful patch?  
>
As soon as I can receive compensation for it! I'm sorry but I don't work 
for free or at least I do not have the time, resources nor inclination 
to work for free at this time. You can classify this as whining if  you 
like :-).

>>This cron seems to support setting a MAILTO environment variable to tell cron where to mail output in case of errors. Could it not simply 
>>additionally support USERNAME and PASSWD environment variables that, if present in the crontab would cause cron to change user context with asking for logon credentials? Of course of concern would be the possibly cleartext PASSWD. Perhaps PASSWD could be required to be encrypted like that usually in bona fide Unix /etc/passwd (/etc/shadow) files. It's just a thought of a possible workaround to a possibly bad situation.
>>
>You can't encrypt the passwd as in UNIX.  These are asymmetrically
>encryptions.  You can't get the original passwd back.  Your proposition
>would need a symmetrically encrypted password which means, the
>encryption key is either hardcoded in cron (URGH) or it's evaluated
>by some deterministical function (urgh).  And you would of course
>need an extra tool to create the encrypted from the cleartext password
>to allow a user to type it into his/her crontab file.
>
OK, let's look at this another way. When one uses POP or IMAP to 
retrieve email one must authenticate one's username and password to the 
server to retrieve the email. Therefore somewhere the username and 
password is stored. For example, when using POP with Netscape to 
retrieve email from a mail server, Netscape stores the username and 
password somewhere (a configuration file or the registry). For security, 
Netscape encrypts the password in some fashion before storing it. When 
needed Netscape retrieves this information, unencrypts it and sends it 
along to the mail server so that the user is authenticated and the email 
is retrieved. Why then can't Cygwin's cron do something similar?



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]