On Sep 17 21:23, Andy Koppe wrote: > On 17 September 2010 15:50, Corinna Vinschen wrote: > >> 5 As stated in the referenced thread, there is no way to prevent attackers > >> to create a user's home dir before she/he logins the first time other than > >> disallowing anyone but the Administrator to do that. > >> If the proposed workaround (issuing a warning if $HOME already exists and > >> is owned by someone else) is considered enough, I'll include it. > >> I haven't thought of anything better than that. > > > > It's good enough for a start. If we come up with a better solution, > > we can still change it, right? > > I think there's little point in just adding a warning actually, > because that wouldn't stop prepared startup scripts in the user's fake > home from being sourced. > > Also, there likely are some users whose home directory is owned by > someone else for innocuous reasons, e.g. because they themselves > created it when they were logged in as administrator. And of course > they wouldn't take kindly to a warning, and even less to a fatal > error.
Which is not a good idea anyway. The home dir should belong to the user. After all, Cygwin is not Windows(*) but a POSIX system. OpenSSH for instance checks if the home dir belongs to the user and has sufficiently strict permissions. Corinna (*) Yes, yes, I know. Don't rub it in. -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat