1st release of an LSA authentication package

Corinna Vinschen corinna-cygwin@cygwin.com
Mon Nov 27 16:01:00 GMT 2006

On Nov 27 07:37, Brian Dessent wrote:
> Corinna Vinschen wrote:
> > That doesn't happen that often, does it?  We have usually months between
> > releases, so I don't quite see the problem.
> I inferred that Igor was worried that a reboot would be required during
> e.g. ordinary development cycle of developing a new patch against the
> DLL or when trying a snapshot, etc.  I think the workaround there would
> be just not to use LSA auth.

Indeed.  On the bright side, when LSA authentication fails, there's
always the fallback to NtCreateToken.

> > No.  The whole idea of registering and rebooting is to load the DLL
> > at boot time and not to allow to replace it at runtime easily.  The
> Well, I could see making the actual LSA DLL just a small (unchaging)
> stub that LoadLibrary()s and FreeLibrary()s the actual cyglsa DLL as
> needed (or on command), so that it could be replaced and synched with
> the main cygwin1.dll without a reboot.  But that just increases the file

Uh oh.

> count, complexity, and developer workload for no other reason.  (And I'm
> sure there's a security argument too.)

Exactly.  That's why I coupled the authentication DLL to the Cygwin
release.  It's not foolproof of course, but I'd rather see this being
even more coupled than less.


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

More information about the Cygwin-developers mailing list