Mail Archives: cygwin/1998/04/03/07:42:12
| From: | tmh AT netfusion DOT co DOT uk (Tony Hoyle)
|
| Subject: | FIX: Administrators need to appear as root user for some users
|
| 3 Apr 1998 07:42:12 -0800
: | |
| Message-ID: | <3.0.5.32.19980402183505.00926480.cygnus.gnu-win32@liverpool.netfusion.co.uk>
|
| Mime-Version: | 1.0
|
| To: | gnu-win32 AT cygnus DOT com
|
I have been porting sendmail 8.8.8 & in compiles with very little change
(!). Now I've just got to get
it to run :-)
I've changed getuid,geteuid, etc. to return UID=0 when the process is in
the Administrators group. Specifically
I had to make getuid return 0 and geteuid return the real uid (I had to do
it this way round because of the way
sendmail checks who the invoking user is). Code follows:
(I just tacked this code in its own file rather than recompiling cygwin, so
it could, and probably should, be structured better)
#define DEFAULT_GID 100
#define DEFAULT_UID 500
static uid_t myuid=UINT_MAX;
static gid_t mygid=UINT_MAX;
uid_t getuid()
{
if(IsAdministrator()) return 0;
else return geteuid();
}
gid_t getgid()
{
if(IsAdministrator()) return 0;
else return getegid();
}
uid_t geteuid()
{
struct passwd *p;
if(myuid==UINT_MAX)
{
if((p = getpwnam (getlogin ())) != NULL)
myuid=p->pw_uid;
else
myuid = DEFAULT_UID;
}
return myuid;
}
gid_t getegid()
{
struct passwd *p;
if(mygid==UINT_MAX)
{
if((p = getpwnam (getlogin ())) != NULL)
mygid=p->pw_gid;
else
mygid = DEFAULT_GID;
}
return mygid;
}
#define MAX_NAME 256
BOOL IsAdministrator()
{
DWORD i, dwSize = 0, dwResult = 0;
HANDLE hToken;
PTOKEN_GROUPS pGroupInfo;
SID_NAME_USE SidType;
char lpName[MAX_NAME];
char lpDomain[MAX_NAME];
BYTE sidBuffer[100];
PSID pSID = (PSID)&sidBuffer;
SID_IDENTIFIER_AUTHORITY SIDAuth = SECURITY_NT_AUTHORITY;
BOOL bIsAdmin = FALSE;
// Open a handle to the access token for the calling process.
if (!OpenProcessToken( GetCurrentProcess(), TOKEN_QUERY, &hToken ))
return FALSE;
// Call GetTokenInformation to get the buffer size.
if(!GetTokenInformation(hToken, TokenGroups, NULL, dwSize, &dwSize))
{
dwResult = GetLastError();
if( dwResult != ERROR_INSUFFICIENT_BUFFER )
return FALSE;
}
// Allocate the buffer.
pGroupInfo = (PTOKEN_GROUPS)malloc(dwSize);
// Call GetTokenInformation again to get the group information.
if(! GetTokenInformation(hToken, TokenGroups, pGroupInfo,
dwSize, &dwSize ) )
{
return FALSE;
}
// Create a SID for the BUILTIN\Administrators group.
if(! AllocateAndInitializeSid( &SIDAuth, 2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&pSID) )
{
return FALSE;
}
// Loop through the group SIDs looking for the administrator SID.
for(i=0; i<pGroupInfo->GroupCount; i++)
{
if(EqualSid(pSID, pGroupInfo->Groups[i].Sid))
{
// Lookup the account name and print it.
dwSize = MAX_NAME;
if( !LookupAccountSid( NULL, pGroupInfo->Groups[i].Sid,
lpName, &dwSize, lpDomain,
&dwSize, &SidType ) )
{
break;
}
// Find out if the SID is enabled in the token
if (pGroupInfo->Groups[i].Attributes & SE_GROUP_ENABLED)
{
bIsAdmin=TRUE;
break;
}
}
}
if (pSID) FreeSid(pSID);
if (pGroupInfo) free(pGroupInfo);
return bIsAdmin;
}
-----------------------------------------------------------------------------
'toH qo' muSHa'qu'mo joH'a', wa' puqloDDaj nobpu' ghaH 'wj
ghaH Harchugh vay', vaj not Hegh ghaH, 'ach yIn jub ghajbej
ghaH.'
Home: (+44) 161 737 0008
Work: (+44) 161 278 2463
http://sale.netfusion.co.uk - My C++ chalkboard (Last update 30/3/98)
-----------------------------------------------------------------------------
-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request AT cygnus DOT com" with one line of text: "help".
- Raw text -