This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

RE: Untangling security - W2K on NT domain




On Sunday, July 22, 2001 1:11 AM, Corinna Vinschen [SMTP:cygwin@cygwin.com] 
wrote:
> On Sat, Jul 21, 2001 at 02:24:40AM -0700, Steve Jorgensen wrote:
> > Scenario:
> >
> > Installed on a Windows 2K workstation and member of an NT 4 domain.
> >
> > Using an account on the domain added to Administrators group on
> > workstation, but merely a regular user on the domain.
> >
> >
> > Problem:
> >
> > In the groups file, 513 is "None".  I thought that was only supposed to 
> > happen on a workgroup system.
>
> On set `mkpasswd' is only called with -l option. Call it again
> using the -d option.
>
> > Untarring files with tar -xvzf fails miserably (as same user as 
described
> > above).  Permissions are set wrong on new directories, and extract 
fails on
> > files destined for those directories because of inadequate permissions.
> >
> > It would seem that I need to fix my /etc/passwd and/or /etc/group 
files,
> > but I don't understand them well enough to know what to do.  What do I 
need
> > to do here
>
> Call mkpasswd and mkgroup without options. That should give you a clue.
> And calling them with options isn't dangerous at all since they both
> write to stdout. A little disposition to play is very helpful sometimes.
>

I guess I'm figuring that out (about playing, that is).  It's a bit 
worrisome, though with regard to being easy for new users to get started. 
 It was bone simple to set everything up the way I wanted it on W98 (where 
security is non-existent), but I can't even untar a package on my W2K box 
without learning a whole new skill.  I think I'm up to it (now that I 
realized everything I need is in the freakin' manual I should have looked 
at in the first place), but it took me a while to realize that passwd and 
group files were even something I needed to concern myself with or that 
they were related to the trouble I was having.

What might be a nice goal for the future would be to ask the user if they 
want to launch a security wizard after first-time setup.  The wizard would 
ask a bunch of questions, then set up /etc/passwd and /etc/group, and run 
chmod on everything that was just installed.  I don't know if I'd be able 
to write something like this, but would you want it if I could do it 
successfully?

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]