From 22f8000733076a2acf41e58f8294341c256628b0 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Wed, 11 Sep 2002 08:39:04 +0000 Subject: [PATCH] * ntsec.html: Add chapter for switching user context w/o password. --- winsup/doc/ChangeLog | 4 ++++ winsup/doc/ntsec.sgml | 24 ++++++++++++++++++++++-- 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/winsup/doc/ChangeLog b/winsup/doc/ChangeLog index 11ba8a92b..f454f9901 100644 --- a/winsup/doc/ChangeLog +++ b/winsup/doc/ChangeLog @@ -1,3 +1,7 @@ +2002-09-11 Corinna Vinschen + + * ntsec.html: Add chapter for switching user context w/o password. + 2002-08-29 Christopher Faylor * how-api.texinfo: Remove a line from the CRLF discussion about lseek diff --git a/winsup/doc/ntsec.sgml b/winsup/doc/ntsec.sgml index 7f38fd755..b6982335f 100644 --- a/winsup/doc/ntsec.sgml +++ b/winsup/doc/ntsec.sgml @@ -411,7 +411,6 @@ for fun. /etc/passwd root:*:0:0:Administrators group,S-1-5-32-544:: -Everyone:*:1:1:,S-1-1-0:: SYSTEM:*:18:18:,S-1-5-18:/home/system:/bin/bash admin:*:500:513:,S-1-5-21-1844237615-436374069-1060284298-500:/home/Administrator:/bin/bash corinna:*:100:0:Corinna Vinschen,S-1-5-21-1844237615-436374069-1060284298-1003:/home/corinna:/bin/tcsh @@ -423,7 +422,6 @@ Guest:*:501:546:,S-1-5-21-1844237615-436374069-1060284298-501:/home/Guest:/bin/b /etc/group root:S-1-5-32-544:0: -everyone:S-1-1-0:1: local:S-1-2-0:2: network:S-1-5-2:3: interactive:S-1-5-4:4: 
@@ -710,4 +708,26 @@ etc. +New since Cygwin release 1.3.3 + + +Since Cygwin release 1.3.3, applications having the +Create a process level token user right can switch user +context without giving a password by just calling the usual +setuid, seteuid, +setgid and setegid functions. This is +typically only given to the SYSTEM user. However, this now allows to switch +the user context using e. g. rhosts authentication or (when running sshd +under SYSTEM account as service) public key authentication. + + +An important restriction of this method is, that a process started under +SYSTEM account can't access network shares which require authentication. +This also applies to the subprocesses which switched the user context +without a password. People using network home drives are typically not +able to access it when trying to login using ssh or rsh without password. + + + +
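Review bot: The entry added in the winsup/doc/ChangeLog hunk names `ntsec.html`, but the file this patch modifies is winsup/doc/ntsec.sgml. The entry (and the commit subject, which repeats it) should read `* ntsec.sgml: Add chapter for switching user context w/o password.` so that a search of the ChangeLog by source file name finds the change.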
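Review bot: The ntsec.sgml hunks at @@ -411 and @@ -423 drop `Everyone:*:1:1:,S-1-1-0::` from the /etc/passwd example and `everyone:S-1-1-0:1:` from the /etc/group example, and neither the subject nor the ChangeLog entry mentions it; both describe only the new chapter. Please add a second ChangeLog line recording the removal and the reason for it, or move it into its own commit, so readers of the examples can tell whether mapping S-1-1-0 to uid/gid 1 is no longer recommended or was simply trimmed from the sample.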
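Review bot: In the section added at @@ -710, the first paragraph calls the required user right "Create a process level token", which is not a name Windows uses; the user rights it lists are "Create a token object" and "Replace a process level token". Since this right is exactly what decides which accounts can switch user context without a password, the text should give the exact name or names as shown in the Windows user rights policy so an administrator can audit who holds them. In the same paragraph, "This is typically only given to the SYSTEM user" would be clearer as "This right is typically only given to the SYSTEM user", and "this now allows to switch the user context" should be "this now allows switching the user context". In the second paragraph, "An important restriction of this method is, that" does not need the comma, and "network home drives are typically not able to access it" should be "access them".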