Subauthentication

Corinna Vinschen vinschen@redhat.com
Fri Dec 13 04:59:00 GMT 2002


On Fri, Dec 13, 2002 at 01:22:38PM +0100, Hartmut Honisch wrote:
> > That sounds really interesting.  If we turn around the order in
> > seteuid again (first call subauth, if that fails create_token) we
> > could use that extra step as explained above to create a correct
> > logon token.  It's just important, that the current NTCreateToken
> > stuff still works as today if subauth is not installed.
> 
> There are scenarios where we would have to call both subauth and
> create_token. Pierre pointed out some problems with setgid / setgroups and
> subauthentication:

Sure.  I was just saying that the create_token magic should still
work as today if subauth fails.  Otherwise I see the advantage of
having a logon session.  It's ok, somebody just has to implement it ;-)

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.



More information about the Cygwin-developers mailing list