Recent security improvements breaks proftpd

Jason Tishler jason@tishler.net
Fri Sep 19 18:28:00 GMT 2003


Pierre,

On Thu, Sep 18, 2003 at 07:34:14PM -0400, Pierre A. Humblet wrote:
> When you (being in Administrators, but with gid 10513) sign in
> through proftp, your supplementary groups (including Admins) are 
> stripped by setgroups(0, NULL). Consequently you lose access to
> your own mount table.

Bingo!  I just changed my (primary) gid to 544 and I can ftp now.

> So the root cause is old and not related to recent changes. 
> sec_none is used a lot in Cygwin. It should either be redefined 
> to include the user, or the default DACL in the process access
> token should be set to something sensible when starting Cygwin.
> I will come up with a long term solution.

Let me know if you need some help with testing.

Thanks,
Jason

-- 
PGP/GPG Key: http://www.tishler.net/jason/pubkey.asc or key servers
Fingerprint: 7A73 1405 7F2B E669 C19D  8784 1AFD E4CC ECF4 8EF6
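
Added example, not part of the original message and not Cygwin or proftpd code: a small C diagnostic for the failure described in the thread, reporting whether a process still holds a given gid as its effective gid or as a supplementary group. The function names `gid_in_set` and `process_has_gid` are hypothetical; the gids 544 and 10513 are the ones quoted in the thread.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Pure check: is `target` the effective gid or one of the supplementary gids? */
static int gid_in_set(gid_t target, gid_t egid, const gid_t *supp, int nsupp)
{
    if (target == egid)
        return 1;
    for (int i = 0; i < nsupp; i++)
        if (supp[i] == target)
            return 1;
    return 0;
}

/* Live check on the calling process: 1 = held, 0 = not held, -1 = error. */
static int process_has_gid(gid_t target)
{
    int n = getgroups(0, NULL);              /* size query only */
    if (n < 0)
        return -1;
    gid_t *supp = calloc(n > 0 ? (size_t)n : 1, sizeof *supp);
    if (supp == NULL)
        return -1;
    n = getgroups(n, supp);                  /* fetch the supplementary list */
    int held = (n < 0) ? -1 : gid_in_set(target, getegid(), supp, n);
    free(supp);
    return held;
}

int main(void)
{
    const gid_t admins = 544;                /* Administrators gid from the thread */
    int held = process_has_gid(admins);
    printf("gid %ld: %s\n", (long)admins,
           held == 1 ? "held" : held == 0 ? "NOT held" : "lookup failed");
    return held == 1 ? 0 : 1;
}
```

Run inside the session a daemon hands to the user: "NOT held" for 544 with a primary gid of 10513 matches the state after `setgroups(0, NULL)`, while a primary gid of 544 survives the call.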