On 2017-05-29 21:57, Andrey Repin wrote:
Greetings, Houder!
- however, the userid of the grandchild of the sshd listener, is
STILL
cyg_server ... NOT sshd!
Exactly. cyg_server is the user which does impersonation.
You've been told that when you've been setting up your host.
http://www.citi.umich.edu/u/provos/ssh/privsep.html
https://security.stackexchange.com/questions/115896/can-someone-explain-how-sshd-does-privilege-separation
https://cygwin.com/ml/cygwin/2017-05/msg00468.html
As if the "sshd" account is NEVER, NEVER used during the _whole_
process
(that is, there is NO privilege separation, as far as I can tell).
As far as it is documented.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
