This is the mail archive of the
mailing list for the Cygwin project.
Re: Setting up user mode cron
- From: Andrew DeFaria <ADeFaria at Salira dot com>
- To: cygwin at cygwin dot com
- Date: Fri, 11 Jan 2002 10:19:57 -0800
- Subject: Re: Setting up user mode cron
- Organization: Salira Optical Networks
- References: <email@example.com>
>On Thu, Jan 10, 2002 at 10:45:27AM -0800, Andrew DeFaria wrote:
>>limits" to cron. IOW I guess what I'm saying is that *something* should be done (I know you can see this as whining and perhaps it is. But it's whining for a good cause! :-)
>So, why aren't you going to roll up your sleeves and create a really useful patch?
As soon as I can receive compensation for it! I'm sorry but I don't work
for free or at least I do not have the time, resources nor inclination
to work for free at this time. You can classify this as whining if you
>>This cron seems to support setting a MAILTO environment variable to tell cron where to mail output in case of errors. Could it not simply
>>additionally support USERNAME and PASSWD environment variables that, if present in the crontab would cause cron to change user context with asking for logon credentials? Of course of concern would be the possibly cleartext PASSWD. Perhaps PASSWD could be required to be encrypted like that usually in bona fide Unix /etc/passwd (/etc/shadow) files. It's just a thought of a possible workaround to a possibly bad situation.
>You can't encrypt the passwd as in UNIX. These are asymmetrically
>encryptions. You can't get the original passwd back. Your proposition
>would need a symmetrically encrypted password which means, the
>encryption key is either hardcoded in cron (URGH) or it's evaluated
>by some deterministical function (urgh). And you would of course
>need an extra tool to create the encrypted from the cleartext password
>to allow a user to type it into his/her crontab file.
OK, let's look at this another way. When one uses POP or IMAP to
retrieve email one must authenticate one's username and password to the
server to retrieve the email. Therefore somewhere the username and
password is stored. For example, when using POP with Netscape to
retrieve email from a mail server, Netscape stores the username and
password somewhere (a configuration file or the registry). For security,
Netscape encrypts the password in some fashion before storing it. When
needed Netscape retrieves this information, unencrypts it and sends it
along to the mail server so that the user is authenticated and the email
is retrieved. Why then can't Cygwin's cron do something similar?
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html