Re: Initdb fails... Again! - Mailing list pgsql-cygwin
| From | Jason Tishler |
|---|---|
| Subject | Re: Initdb fails... Again! |
| Date | |
| Msg-id | 20030128145033.GC1828@tishler.net |
| In response to | Re: Initdb fails... Again! (Jason Tishler <jason@tishler.net>) |
| List | pgsql-cygwin |
Dan,

On Tue, Jan 28, 2003 at 01:00:11AM +0100, Dan Holmsand wrote:
> Really sorry to be stubborn,

No problem.

> but I happen to think that this is an interesting subject...

Agreed, but maybe we should move this thread to the Cygwin list?

> Jason Tishler wrote:
> > You *can* log on as LocalSystem via ssh:
>
> I know. The disadvantage is of course that anyone that can run as me
> also gets access to LocalSystem without any password checks at all.

Agreed, but someone can attack your root account too.

> > There is also cmdasuser:
> >
> >     http://www.develop.com/kbrown/security/sample_cmdasuser.htm
> >
> > which can switch user to LocalSystem too.
>
> Wow. That's scary! That actually shows that running as a member of
> Administrators is pretty much exactly as dangerous as running with
> "Create a token object" etc. privileges, since they obviously can be
> so easily acquired.

Yup!

> Anyway, cmdasuser doesn't work very conveniently for me: I'm not a
> member of "Administrators" (for security reasons). Even if I was, it
> feels like a pretty big security risk just to have that kind of thing
> laying around :-).

Agreed!

> And it doesn't work remotely. Also, it has a nasty habit of killing
> child processes on exit, so "/etc/rc.d/init.d/sshd restart" is a small
> disaster...

I just threw out cmdasuser to demonstrate that there was YA way to
become the LocalSystem user.

> > > Unless such programs are really, really carefully ported to Cygwin,
> > > you get a security hole when running them as uid 18 (i.e. "SYSTEM").
> >
> > Then those ports (e.g., apache) are broken and should be fixed. For
> > example, my fetchmail, procmail, and vsftpd ports recognized uid 18 as
> > the root uid and behave accordingly.
>
> Now that's a really good argument. In particular, my running as uid 0
> breaks "correctly ported" apps in this regard. OTOH, I maintain that
> getting this 100% right is non-trivial, since it is quite untestable.

Why is it untestable? Plus, the source for all Cygwin apps is available
for inspection.

> If Cygwin's intention is that uid 18 should be equivalent to Unix' uid
> 0, then why on earth is Local System uid 18?

It was a regrettable choice by Corinna. :,)

Actually, Cygwin UIDs are derived from the last component of the user's
SID. For example:

    SYSTEM:*:18:544:,S-1-5-18::
             ^^            ^^

> > > 4) It just feels a bit more unixy :-)
> >
> > I guess so, but when in Rome... :,)
>
> Hmm. I always thought the whole purpose of Cygwin was to save me from
> the evils of Rome (or Redmond, to be a bit more precise). ;-)

Touché!

Jason

--
PGP/GPG Key: http://www.tishler.net/jason/pubkey.asc or key servers
Fingerprint: 7A73 1405 7F2B E669 C19D 8784 1AFD E4CC ECF4 8EF6
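The uid-to-SID relationship Jason describes, as an added example that is neither from this thread nor Cygwin's own code: it parses constructed /etc/passwd lines in the Cygwin layout (the SID following a comma in the gecos field is an assumption here), checks that each uid equals the last component of the account's SID, and shows the root check a ported program would use (uid 0 or uid 18) instead of testing for uid 0 alone.

```python
import re

# Constructed sample lines in the Cygwin /etc/passwd layout (assumed here):
# name:passwd:uid:gid:gecos:home:shell, with the account's SID after a
# comma in the gecos field. The last line is deliberately inconsistent.
SAMPLE_PASSWD = """\
SYSTEM:*:18:544:,S-1-5-18::
Administrators:*:544:544:,S-1-5-32-544::
jason:unused:1003:513:Jason,U-HOST\\jason,S-1-5-21-111-222-333-1003:/home/jason:/bin/bash
bogus:*:500:513:,S-1-5-21-111-222-333-501:/home/bogus:/bin/bash
"""

# uids a correctly ported Cygwin program must treat as root: 0 (Unix
# convention) and 18 (LocalSystem/SYSTEM, as discussed in the thread).
ROOT_UIDS = frozenset({0, 18})

SID_RE = re.compile(r"S-1-5(?:-\d+)+")


def parse_passwd_line(line):
    """Return (name, uid, sid) for one passwd line, or None if malformed."""
    fields = line.split(":")
    if len(fields) < 7:
        return None
    m = SID_RE.search(fields[4])
    return fields[0], int(fields[2]), (m.group(0) if m else None)


def sid_rid(sid):
    """Last component (RID) of a SID string, which Cygwin uses as the uid."""
    return int(sid.rsplit("-", 1)[1])


def check_uid_sid_consistency(text):
    """Map account name -> whether its uid equals the RID of its SID."""
    result = {}
    for line in text.splitlines():
        parsed = parse_passwd_line(line)
        if parsed is None or parsed[2] is None:
            continue
        name, uid, sid = parsed
        result[name] = sid_rid(sid) == uid
    return result


def is_root_uid(uid):
    """Root check a Cygwin port should use instead of 'uid == 0' alone."""
    return uid in ROOT_UIDS
```

Running `check_uid_sid_consistency(SAMPLE_PASSWD)` flags only the constructed `bogus` account, whose uid 500 does not match its SID's final component 501.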