This is the mail archive of the
mailing list for the Cygwin project.
Re: Filtered tokens
OK, I understand why it's the privileged token but why is it still in session 0?
Also, it doesn't really explain why the files are all installed with
ownership set to me
On Tue, Apr 27, 2010 at 5:10 AM, Corinna Vinschen
> On Apr 26 15:34, Patrick Julien wrote:
>> I have read the page found at
>> http://www.cygwin.com/cygwin-ug-net/ntsec.html but I still see the
>> following 2 issues with filtered tokens as implemented by Vista/7 when
>> used by cygwin.
>> When I say filtered tokens, I'm talking about the dual token strategy
>> these systems use to keep administrators running under non admin
>> privileges most of the time.
> You mean UAC.
>> 1. When using ssh/sshd, the token assigned to a user on login is the
>> fully privileged one.
> Deliberately. ?Otherwise you can't perform admin tasks from a remote
>> And it doesn't matter if I am using keys or a password to login. ?I am
>> running under my "full privileged" token. ?Setting the password using
>> "password -R" has no effect either.
> I would be surprised if it had. ?After all it's only a single account
> with a crippled and a full token. ?I'm surprised anybody wants the
> crippled token in a remote SSH session.
> Corinna Vinschen ? ? ? ? ? ? ? ? ?Please, send mails regarding Cygwin to
> Cygwin Project Co-Leader ? ? ? ? ?cygwin AT cygwin DOT com
> Red Hat
> Problem reports: ? ? ? http://cygwin.com/problems.html
> FAQ: ? ? ? ? ? ? ? ? ? http://cygwin.com/faq/
> Documentation: ? ? ? ? http://cygwin.com/docs.html
> Unsubscribe info: ? ? ?http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple