Mail Archives: cygwin/2019/05/10/10:05:19

Date: Fri, 10 May 2019 16:54:42 +0300
From: Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To: cygwin AT cygwin DOT com
Message-ID: <1146833447.20190510165442@yandex.ru>
To: LRN <lrn1986 AT gmail DOT com>, cygwin AT cygwin DOT com
Subject: Re: How to become root/root (0/0)
In-Reply-To: <3e9407d5-9a47-c863-64a4-445b2fc04050@gmail.com>
References: <e5962fd2-8705-33a4-c4ce-94a78b55b70c AT t-online DOT de> <1529177562 DOT 20190509150945 AT yandex DOT ru> <CANV9t=SOqauB8uV9vqX9MiNKW7-xYt2vv-J8K2UnrrDhwnBAJA AT mail DOT gmail DOT com> <3e9407d5-9a47-c863-64a4-445b2fc04050 AT gmail DOT com>

Greetings, LRN!

>>> Again, there's simply no equivalent of "god user" from *NIX in Windows
>>> permissions system.
>> 
>> That's not really correct. An account that is a member of the
>> Administrators local group (localized name can be different, SID is
>> S-1-5-32-544) is a root/superuser equivalent.
>> 
>> It is true that some objects have permissions that prevent Administrators
>> from accessing them, but any member of Administrators can take
>> ownership/change permissions/run as SYSTEM and access those objects.

> IIRC, even Administrators can't run as SYSTEM. To run as SYSTEM, you need to
> somehow coerce a process that runs as SYSTEM to do something for you. Usually
> achieved by running a [temporary] service and having it do what you want to be
> done.

> Notably, SYSTEM (but not Administrator) can impersonate any other user without
> needing a password

Only locally.
But then again, impersonation versus having an inherent god power.

> (other users can only impersonate with a password - i.e.
> they need to authenticate themselves). In that sense SYSTEM is the true root
> (though there are other high-privilege accounts, such as Trusted Installer and
> Local Service that might be able to do the same things).



-- 
With best regards,
Andrey Repin
Friday, May 10, 2019 16:53:51

Sorry for my terrible english...
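
Added illustration, not part of the original message: a sketch that reads `whoami /groups /fo csv` output and reports whether the Administrators SID S-1-5-32-544 discussed in the thread is enabled in the current token, present only as a deny-only group, or whether the caller is SYSTEM (S-1-5-18). It assumes English-language attribute strings; the sample rows, the user SID and the function names are constructed for the example.

```python
import csv
import io

ADMINISTRATORS_SID = "S-1-5-32-544"  # BUILTIN\Administrators, as quoted in the thread
SYSTEM_SID = "S-1-5-18"              # NT AUTHORITY\SYSTEM

def parse_groups(csv_text):
    """Return {SID: attributes} from `whoami /groups /fo csv` output.

    Columns are read by position (name, type, SID, attributes) so a
    localized header row does not matter; rows without a SID are skipped.
    """
    groups = {}
    for row in csv.reader(io.StringIO(csv_text.strip())):
        if len(row) >= 4 and row[2].startswith("S-1-"):
            groups[row[2]] = row[3].lower()
    return groups

def classify(user_sid, groups_csv):
    """Classify a token from its user SID and its group list."""
    if user_sid == SYSTEM_SID:
        return "system"
    attrs = parse_groups(groups_csv).get(ADMINISTRATORS_SID)
    if attrs is None:
        return "standard"
    if "deny only" in attrs:
        # Membership exists, but the SID can only match deny ACEs.
        return "admin-filtered"
    if "enabled group" in attrs:
        return "admin-elevated"
    return "admin-disabled"

# Constructed sample data (not captured from a real machine).
USER = "S-1-5-21-1111111111-2222222222-3333333333-1001"
FILTERED = r'''
"Group Name","Type","SID","Attributes"
"Everyone","Well-known group","S-1-1-0","Mandatory group, Enabled by default, Enabled group"
"BUILTIN\Administrators","Alias","S-1-5-32-544","Group used for deny only"
"Mandatory Label\Medium Mandatory Level","Label","S-1-16-8192",""
'''
ELEVATED = r'''
"Group Name","Type","SID","Attributes"
"BUILTIN\Administrators","Alias","S-1-5-32-544","Mandatory group, Enabled by default, Enabled group, Group owner"
"Mandatory Label\High Mandatory Level","Label","S-1-16-12288",""
'''

if __name__ == "__main__":
    for name, data in (("filtered", FILTERED), ("elevated", ELEVATED)):
        print(name, "->", classify(USER, data))
```
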

