On Feb 17 10:02, Corinna Vinschen wrote: > On Feb 17 14:47, David Newall wrote: > > On 16/2/19 11:51 pm, Corinna Vinschen wrote: > > > Seteuid now creates user token using S4U. We don't create a token > > > from scratch anymore, so we don't need the "Create a process token" > > > privilege. The service can run under SYSTEM again. > > > > It seems like your patch breaks OpenSSH on Windows Vista, Server 2003, and > > possibly others. I oppose changes that needlessly break systems. > > - Windows 2003 isn't supported by Cygwin anymore > > - S4U has been introduced with Windows 2003 > > - Vista is newer than Windows 2003 But then again... ...it turns out that Microsoft apparently did not implement S4U for non-domain machines on the WOW64 32 bit emulation layer on 64 bit machines. So if somebody is running a 32 bit Cygwin on a 64 bit Windows, pubkey authentication for local machine accounts is broken. Oh well. I withdraw this patch for now. Corinna -- Corinna Vinschen Cygwin Maintainer Red Hat
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev