[Cvsnt] Re: [jakomail at emss.co.za: Re: User context switch in sshd using RSAAuthentication]

Corinna Vinschen vinschen at redhat.com
Sun Dec 16 11:42:21 GMT 2001




On Sat, Dec 15, 2001 at 11:48:54PM +0000, Tony Hoyle wrote:
> Corinna Vinschen wrote:
> > They are using a so called `LSA authentication module'.  This is what
> > I'd like to do by myself and which I actually tried to get more
> > information about in the past months.  Unfortunately the Microsoft
> > documentation on that issue is more or less non-existent and there's
> > no sample code available.  Besides that, VShell is >= 249 USD and
> > apparently not open source.
>
> Personally I wouldn't trust a closed-source authentication module as far
> as I could throw it - it's bad enough trying to keep on top of the bugs
> in the MS stuff without third party authentication keeping me awake at
> nights...

Agree.  What actually sucks is that there's not _one_ source code
for such a module.  All modules I ever saw are proprietary implementations
and cost $$$.  Perhaps there's a chance to create our own common
open source LSA auth module if we're working together?!?

> There is nothing to stop cvsnt & cygwin hooking the GetUserName()
> function with an API hook - this is documented quite well in MSDN and
> would mean that all NT programs which relied on this would return the
> correct user.

Hum, that's just another way of workaround but it would be ok
as long as we don't have a formally correct user context switch.
Unfortunately I never hooked a Win32 function.  Could you give me
a pointer here?  Oh, and don't forget to hook LookupAccountSid().

> What would be better of course is for someone to reverse-engineer the
> GetUserName function and work out *why* it sucks so badly - it might be
> possible to fix it somehow.

For us?  As I already wrote in private mail to Terris, I asked
on microsoft mailing lists for that problem and just got no
response... as usual when asking for anything security related
developer problems.  I didn't get a response when asking for
documentation on LSA auth modules and I didn't get a response
when asking for sample source code.  Too bad.  And I'm not good
at reverse engineering.  That requires knowing i386 assembler
language...

Corinna

--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com