Mail Archives: cygwin/2008/08/07/11:26:50
Corinna Vinschen wrote:
> Hi Chuck,
>
> On Aug 4 21:31, Charles Wilson wrote:
>> Corinna Vinschen wrote:
>>> Btw., there's a test for the administrators group in /etc/passwd.
>> I don't see this. I see testing /etc/passwd for the (local) Administrator
>> USER, and testing /etc/group for the Administrators GROUP, but not
>> /etc/passwd <-> Administrators GROUP.
>>
>> More info please?
>
> Function csih_get_system_and_admins_ids(), last test:
>
> csih_ADMINSUID=$(sed -ne '/^[^:]*:[^:]*:[0-9]*:[0-9]*:[^:]*,S-1-5-32-544:.*:/{s/[^:]*:[^:]*:\([0-9]*\):.*$/\1/p;q}' /etc/passwd)
> csih_SYSTEMUID=$(sed -ne '/^[^:]*:[^:]*:[0-9]*:[0-9]*:[^:]*,S-1-5-18:.*:/{s/[^:]*:[^:]*:\([0-9]*\):.*$/\1/p;q}' /etc/passwd)
> if [ -z "$csih_ADMINSUID" -o -z "$csih_SYSTEMUID" ]
> then
> [...]
>
> The function csih_get_system_and_admins_ids is called by
> csih_check_access() and requires the above test being successful.
Ah -- those lines are testing /etc/passwd for the Administrator USER.
You originally said 'administrators group'. Hence my confusion.
Now, about csih_check_access() -- without exact knowledge of
csih_ADMINSUID, csih_SYSTEMUID, csih_ADMINSGID, and csih_SYSTEMGID, then
the whole csih_check_access() test can't be computed.
If you make those GID/UID vars "optional" (e.g. not a failure if
missing), and then skip the relevant tests in csih_check_access, you
might as well just abandon the test entirely. Is that what we want to
do? Never bother to check for SYSTEM/Administrator access to the
specified files?
e.g.
/var/run
/var/log
/var/empty
Somehow that doesn't seem right.
--
Chuck
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -