Mail Archives: cygwin/2023/09/22/04:48:13

References: <CANH4o6M0id2F7VCyzFWzje-BUd2oRGhp07PRNLJnEyzkYTbhSA AT mail DOT gmail DOT com>
<b4f5c1be-8b8d-6abc-6c13-c86537f4af43 AT t-online DOT de>
In-Reply-To: <b4f5c1be-8b8d-6abc-6c13-c86537f4af43@t-online.de>
Date: Fri, 22 Sep 2023 10:47:43 +0200
Message-ID: <CANH4o6P+x7VaB0W5kjxmd_4DOHi8GDuRmfyZfE3dNJ4YixTfzQ@mail.gmail.com>
Subject: Re: Running bash script as SYSTEM from account with admin rights?
To: cygwin AT cygwin DOT com
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: Martin Wege via Cygwin <cygwin AT cygwin DOT com>
Reply-To: Martin Wege <martin DOT l DOT wege AT gmail DOT com>
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com>

On Fri, Sep 22, 2023 at 9:42 AM Christian Franke via Cygwin
<cygwin AT cygwin DOT com> wrote:
>
> Martin Wege via Cygwin wrote:
> > Hello,
> >
> > Does Cygwin have a tool to run a bash script as SYSTEM user if my
> > account already has admin rights?
>
> No (AFAIK).
>
> I use psexec from Sysinternals tools
> (https://learn.microsoft.com/sysinternals/downloads/psexec)
>
> This starts a Cygwin terminal as SYSTEM user:
>
> psexec -s -i c:\cygwin\bin\mintty -

Use of psexec is forbidden, as it triggers our security software (Cortex XDR).

Windows has https://learn.microsoft.com/en-us/windows/win32/api/securitybaseapi/nf-securitybaseapi-impersonateloggedonuser
Can we use that to write a C wrapper program, to switch from the current
user with admin rights to the SYSTEM account, execute a command and then
exit(0) the wrapper?

Thanks,
Martin
