This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

login -p disabling leads to Windows failures -- as it expects its ENV to remain instact for new processes


Eric Blake wrote:
On 10/08/2014 01:55 PM, Linda Walsh wrote:
I get this message the 1st time logging in via 'rlogin':

You do realize, of course, that rlogin is a security hole, and that you
really ought to consider using something more secure like ssh if you are
trying to use it outside the boundaries of a heavily-firewalled intranet?
http://cc-ipcp.icp.ac.ru/Section1.2.html
No, ??? security hole? Depends on your security policy. People cannot talk about rlogin
being a "security hole" -- only in the context of specific usage.

"/bin/sh" "is a security hole" under the wrong security policy... It's not the program,
but how it is used!  Don't blame the poor program!  ;-)


In any event, only local-subnet, non-routable hosts are in the ".rhosts". Had problems making localhost work, but might try again....

I'm trying to use it to login from the same machine into itself.

and heavily-firewalled?... um...
not exactly, but it isn't on the internet (has to use an http-proxy to get out)...

Theoretically, a tunnel could be created through the proxy (http or socks), that
could allow someone to run the command to access the local host. or if I ran
MS's TCP6 helper that sets up connectivity through firewalls via proxies
automatically when you get win7 out of the box (not sure about sp1.. might have
made it non-default)...

But....the real problem is "login"...

Corinna "corrupted" the cygwin version:

-p Used by getty(8) to tell login not to destroy the environment.
             This is disabled in the Cygwin version.

---
Thus I log in, but random things fail because standard Windows security
environment that windows expects to be there, ISN'T.


...even cygwin uses many of these vars to setup the user's environment.

Things like:

Path after cygwin clears it:
(Note, since windows loads it's libraries via the PATH, Note Windows
dirs are not in path:

PATH=/Users/law.Bliss/bin/lib:/usr/sbin:.:/prog64/vim:/usr/bin:/sbin:/prog

(Normal path using a console window:

 echo $PATH
/Users/law.Bliss/bin/lib:/usr/sbin:.:/prog64/vim:/usr/bin:/sbin:/prog/sysinternals/cmd:/prog/sysinternals:/Windows/system32:/Windows:/Windows/System32/Wbem:/Windows/System32/WindowsPowerShell/v1.0:/Prog/Common Files/DivX Shared:/Prog/NVIDIA Corporation/PhysX/Common:/Prog64/VanDyke Software/Clients:/Prog64/NVIDIA GPU Computing Toolkit/CUDA/v4.0/bin:/Prog/NVIDIA Corporation/Cg/bin:/Prog/NVIDIA Corporation/Cg/bin.x64:/Prog/QuickTime:/Prog/Microsoft SQL Server/110/Tools/Binn:/Prog/Microsoft SQL Server/110/DTS/Binn:/Program Files/Microsoft SQL Server/110/Tools/Binn:/Prog/Microsoft SQL Server/110/DTS/Binn:/Users/law.Bliss/bin:/usr/local/bin:/etc/local/func_lib

---

If cygwin wants to clear env and start with an unchanged copy
out of the registry, that's fine... but leaving them (there were about
2x more than I list below) out make many programs
designed for cygwin (on windows), fail like:

bin/dumphive: line 11: USERPROFILE: unbound variable
3564 (process ID) old priority 19, new priority 19
bin/dumphive: line 11: USERPROFILE: unbound variable

Root has problems getting any shell:

 rlogin -l root athenae
Password:
rlogin: connection closed.
 rlogin -l Bliss\\root athenae
Password:
cygwin warning:
MS-DOS style path detected: /Windows/System32/cygwin/usr/spool/mail/Bliss/root Preferred POSIX equivalent is: /Windows/System32/cygwin/usr/spool/mail/Bliss/root CYGWIN environment variable option "nodosfilewarning" turns off this warning.
 Consult the user's guide for more details about POSIX paths:
   http://cygwin.com/cygwin-ug-net/using.html#using-pathnames
rlogin: connection closed.

--- There's that warning again...


missing vars:


ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\law.Bliss\AppData\Roaming CLASSPATH=.;"C:\Prog\Java\jre7\lib\ext\QTJava.zip";C:\Program Files (x86)\ COMMONPROGRAMFILES=C:\Program Files\Common Files CYGWIN=system nodosfilewarning winsymlinks:native export CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files HISTFILE=/Users/law.Bliss/.histAthenae_cons0 HOMEDRIVE=C: HOMEPATH=\Users\law.Bliss LOCALAPPDATA=C:\Users\law.Bliss\AppData\Local LOGONSERVER=\\ISHTAR OS=Windows_NT PATH=/Users/law.Bliss/bin/lib:/usr/sbin:.:/prog64/vim:/usr/bin:/sbin:/prog PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROGRAMFILES=C:\Program Files PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\ PUBLIC=C:\Users\Public ProgramData=C:\ProgramData ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files QTJAVA=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip SESSIONNAME=Console SHELL=C:/Bin/Bash.exe SYSTEMDRIVE=C: TEMP=/tmp TERM=cygwin TMP=/tmp
USERDOMAIN=Bliss
USERDOMAIN_ROAMINGPROFILE=Bliss
USERNAME=law USERPROFILE=C:\Users\law.Bliss VIMRUNTIME=C:/Prog64/Vim



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]