Mail Archives: cygwin/2003/06/09/07:47:08

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2003/06/09/07:47:08

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sources.redhat.com/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Date: Mon, 9 Jun 2003 13:46:57 +0200

From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>

To: cygwin AT cygwin DOT com

Subject: Re: Problems on accessing Windows network resources.

Message-ID: <20030609114657.GA6692@cygbert.vinschen.de>

Reply-To: cygwin AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

References: <001401c32dd7$dc721b30$2000a8c0 AT kappy> <3 DOT 0 DOT 5 DOT 32 DOT 20030608153754 DOT 0080fdb0 AT incoming DOT verizon DOT net>

Mime-Version: 1.0

In-Reply-To: <3.0.5.32.20030608153754.0080fdb0@incoming.verizon.net>

User-Agent: Mutt/1.4.1i

On Sun, Jun 08, 2003 at 03:37:54PM -0400, Pierre A. Humblet wrote:
> Coincidentally I was just looking at that. A side effect of switching to 
> the system account is that the user access token obtained with a password 
> is lost. A new password-less user token is then generated, but it doesn't 

Nope, that can't be correct.  First of all, the impersonation token
saved by cygwin_set_impersonation_token() is used for all subsequent
set(e)uid calls for that user internally.  Switching back to the 
privileged account and switching forth again is part of the design.
You (Pierre) can check this by examining the impersonation token
after logging in using e.g. telnet.  You will find a logon SID in
the token as well as being Advapi the source.  It's the token given
by the previous cygwin_logon_user() call.

> Actually I am attaching what should be a fix, but it's only tested on 
> WinME. Feedback welcome. Compile as follows and mv the .exe to /bin
> gcc login.c -o login -l crypt

I've uploaded a new version of login using setgid/setuid.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Date:	Mon, 9 Jun 2003 13:46:57 +0200
From:	Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: Problems on accessing Windows network resources.
Message-ID:	<20030609114657.GA6692@cygbert.vinschen.de>
Reply-To:	cygwin AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
References:	<001401c32dd7$dc721b30$2000a8c0 AT kappy> <3 DOT 0 DOT 5 DOT 32 DOT 20030608153754 DOT 0080fdb0 AT incoming DOT verizon DOT net>
Mime-Version:	1.0
In-Reply-To:	<3.0.5.32.20030608153754.0080fdb0@incoming.verizon.net>
User-Agent:	Mutt/1.4.1i