This is the mail archive of the cygwin@sources.redhat.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

inetd security hole?


I just set up inetd-1.3.2-5p1 as a service on my W2K box.  My
thanks to the Cygwin team.  Great job on this piece.  There
may, however, be a security hole for some people.  I was
able to FTP from a remote Unix box to my Cygwin W2K box
simply by using user guest and password (enter).  Had to
delete the Guest entry from /etc/passwd to close the hole.

I may not be configured properly and your system may be
different but I wanted to make sure no one is accidently
exposed to trouble.  I checked the mailing list search
engine prior to posting this and didn't see any warnings regarding this
issue.

Bob Heckel





_______________________________________________________
Say Bye to Slow Internet!
http://www.home.com/xinbox/signup.html


--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]