delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2006/03/01/14:29:14

X-Spam-Check-By: sourceware.org
Message-ID: <4405F5F9.8010708@t-online.de>
Date: Wed, 01 Mar 2006 20:28:57 +0100
From: Christian Franke <Christian DOT Franke AT t-online DOT de>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060130 SeaMonkey/1.0
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: No effect of SE_BACKUP_NAME privilege on cygwin?
X-ID: T5e9dcZvYeEkeGbGly1VD2Tl2lhyXa7lKvCaGDeeaqZBx9r9jz4LrQ
X-TOI-MSGID: b1b1f330-3be4-4760-933b-3fb9ec32c9a9
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com 

--------------090805050407070805000805
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Enabling SE_BACKUP_NAME has no effect for cygwin programs.

The attached program demonstrates the issue.
It retrieves the attributes of a normally inaccessible file without and 
with SE_BACKUP_NAME.
(The file should be present on XP with C:\ as system drive)

If compiled with "-mno-cygwin" and running as admin on XP Prof, the 
second access succeeds as expected:

GetFileAttributes failed: 5
SeBackupPrivilege enabled!
GetFileAttributes = 0x0026

But if running as a cygwin program on 1.5.19, the result is:

GetFileAttributes failed: 5
SeBackupPrivilege enabled!
GetFileAttributes failed: 5

The privilege can be enabled, but has no effect - bug or feature ?-)

Thanks for any help.

Christian


--------------090805050407070805000805
Content-Type: text/plain;
 name="privilege.cc"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="privilege.cc"

#include <windows.h>
#include <stdio.h>

static void Check()
{
	DWORD attr = GetFileAttributes("C:/System Volume Information/MountPointManagerRemoteDatabase");
	if (attr == ~(DWORD)0)
		printf("GetFileAttributes failed: %ld\n", GetLastError());
	else
		printf("GetFileAttributes = 0x%04lx\n", attr); // Usually 0x0026, Archive|System|Hidden
}

static bool GetBackupPrivil()
{
	HANDLE t;
	if(!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &t)) {
		printf("OpenProcessToken failed: %ld\n", GetLastError()); return false;
	}
	TOKEN_PRIVILEGES tp;
	if(!LookupPrivilegeValue(NULL, SE_BACKUP_NAME, &tp.Privileges[0].Luid)) {
		printf("LookupPrivilegeValue failed: %ld\n", GetLastError()); return false;
	}
	tp.PrivilegeCount           = 1;
	tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
	AdjustTokenPrivileges(t, FALSE, &tp, 0, NULL, NULL);
	if (GetLastError() != ERROR_SUCCESS) {
		printf("AdjustTokenPrivileges failed: %ld\n", GetLastError()); return false;
	}
	CloseHandle(t);
	printf(SE_BACKUP_NAME" enabled!\n");
	return true;
}

main()
{
	Check();

	if (!GetBackupPrivil())
		return 1;

	Check();
	return 0;
}


--------------090805050407070805000805
Content-Type: text/plain; charset=us-ascii

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/
--------------090805050407070805000805--

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019