This is the mail archive of the
cygwin@sources.redhat.com
mailing list for the Cygwin project.
Re: inetd security hole?
- To: cygwin at sources dot redhat dot com
- Subject: Re: inetd security hole?
- From: Bob Heckel <BHeckel at excite dot com>
- Date: Tue, 8 Aug 2000 18:30:20 -0700 (PDT)
- Cc: vinschen at cygnus dot com
- Reply-To: <bheckel at excite dot com>
I should have suggested that myself. How does this blurb
sound (particularly directed to anyone who has experienced
this issue and Corinna)?
"Please be aware that if you have created your /etc/passwd
via mkpasswd -l then you may have a security hole.
If your PC has "Guest" enabled in order to allow shares to
certain directories on your W2K or NT box, your passwd file
contains an entry for Guest that will allow anyone to ftp,
telnet, etc. to your machine simply by using user guest and
pressing enter for the password. One solution is to
eliminate the Guest account via Control Panel, the other is
to delete the Guest entry in /etc/passwd.
This problem is a weakness in Windows, not Cygwin."
Bob Heckel
On Tue, Aug 08, 2000 at 12:36:02 -0400, Chris Faylor wrote:
>Perhaps you would like to contribute some wording for the inetd
>documentation
>which describes the problem.
_______________________________________________________
Say Bye to Slow Internet!
http://www.home.com/xinbox/signup.html
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com