From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-return-172839-listarch-cygwin=sourceware.org@cygwin.com>
Received: (qmail 13521 invoked by alias); 9 Oct 2011 00:25:24 -0000
Received: (qmail 13508 invoked by uid 22791); 9 Oct 2011 00:25:23 -0000
X-SWARE-Spam-Status: No, hits=-2.4 required=5.0	tests=BAYES_00,FREEMAIL_FROM,RP_MATCHES_RCVD,SPF_HELO_PASS,T_TO_NO_BRKTS_FREEMAIL
X-Spam-Check-By: sourceware.org
Received: from lo.gmane.org (HELO lo.gmane.org) (80.91.229.12)    by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Sun, 09 Oct 2011 00:25:08 +0000
Received: from list by lo.gmane.org with local (Exim 4.69)	(envelope-from <goc-cygwin@m.gmane.org>)	id 1RChCT-0001Ze-8G	for cygwin@cygwin.com; Sun, 09 Oct 2011 02:25:05 +0200
Received: from c-98-237-139-150.hsd1.wa.comcast.net ([98.237.139.150])        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))        id 1AlnuQ-0007hv-00        for <cygwin@cygwin.com>; Sun, 09 Oct 2011 02:25:05 +0200
Received: from cygwin-hoffman by c-98-237-139-150.hsd1.wa.comcast.net with local (Gmexim 0.1 (Debian))        id 1AlnuQ-0007hv-00        for <cygwin@cygwin.com>; Sun, 09 Oct 2011 02:25:05 +0200
To: cygwin@cygwin.com
From: Michael Hoffman <cygwin-hoffman@sneakemail.com>
Subject: 1.7.9: login via ssh allows Administrator privileges
Date: Sun, 09 Oct 2011 00:25:00 -0000
Message-ID: <loom.20111009T004052-731@post.gmane.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
User-Agent: Loom/3.14 (http://gmane.org/)
X-IsSubscribed: yes
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
X-SW-Source: 2011-10/txt/msg00124.txt.bz2

My user account is in the Administrators group, but has User Account Control
turned on. I've installed sshd and turned it on, ssh-host-config, and enabled
the Cygwin Local Security Authority authentication package with cyglsa-config.

When I log in via ssh I find I have Administrator privileges:

$ id -a
uid=1000(Michael) gid=513(None) groups=513(None),545(Users)

$ ssh localhost

# id -a
uid=1000(Michael) gid=513(None)
groups=513(None),0(root),544(Administrators),545(Users)

Is there a way to turn this off or remove myself from the Administrators and
root groups? I prefer not to have administrative access unless I explicitly
request it.

Cygcheck output: http://pastebin.com/S6CyKpaD

Many thanks,
Michael Hoffman


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple