On Mon, Jan 13, 2003 at 10:16:57PM -0500, Igor Pechtchanski wrote: > Technically, nothing prevents an administrator on a machine from giving > this permission (called, I *think*, 'Create a token object') to a user > other than LocalSystem, which will then allow that user to run 'login' > successfully. It is impractical from a security standpoint, however, to > give this permission to all users.
Giving it even to one single user is a wide open security hole. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:[EMAIL PROTECTED] Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
