Cygrunsrv and special Windows virtual accounts "NT SERVICE"
Lavrentiev, Anton (NIH/NLM/NCBI) [C]
lavr@ncbi.nlm.nih.gov
Fri Dec 14 16:23:00 GMT 2012
> http://cygwin.com/ml/cygwin/2012-12/msg00154.html
Thanks.
> I'm wondering if it's such a bright idea to use a NULL password based on
> a check for a certain domain. That's practically guaranteed to break
> at one point again.
I don’t think Microsoft is going to drop "NT SERVICE\" in any near future
(they've just had the feature introduced!). This is the only domain that
needs to be treated specially (for now).
> !pass || pass[0] == '\0'
MSDN says that password-less accounts must provide an empty string
(and it does not mention NULL). More cumbersome logic can involve
checking for both the special domain and empty/NULL password (as above),
resulting in NULL lpPassword only when both checks have been met.
> what about something like `-w NULL'?
I would not vote for this. This precludes that the string "NULL" cannot
be used as an otherwise regular password.
Anton Lavrentiev
Contractor NIH/NLM/NCBI
More information about the Cygwin
mailing list