This is the mail archive of the cygwin@sources.redhat.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: inetd security hole?


Thanks for the suggestion, Rob but I still need the Guest account to allow
anonymous NT shares (for my non-Cygwin enlightened coworkers) to certain
directories on my W2K box.  I'll just leave Guest out of /etc/passwd for
now.

The thing that worried me originally was that "dropbox" shares are common on
Windoze machines and I only discovered the hole by accident.  Unfortunately
the inetd documentation doesn't mention the issue.

Bob Heckel
p.s. Thanks also to Dave for your comments.

On Tue, 8 Aug 2000 08:23:57 +1000, Robert Collins wrote:

>  I agree that this is a NT feature.. in fact the guest account can be
>  renamed, or disabled. Bob - if you disable the guest account on your
>  machine, cygwin shouldn't be able to login you whether or not guest is
>  listed in /etc/passwd.
>  
>  Rob





_______________________________________________________
Say Bye to Slow Internet!
http://www.home.com/xinbox/signup.html


--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]