X-Recipient: archive-cygwin AT delorie DOT com X-Spam-Check-By: sourceware.org Date: Wed, 21 Apr 2010 09:45:26 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: cyglsa and group membership Message-ID: <20100421074526.GA15415@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <20100420205311 DOT GB26489 AT proxix DOT com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20100420205311.GB26489@proxix.com> User-Agent: Mutt/1.5.20 (2009-06-14) Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com On Apr 20 14:53, Tom Schutter wrote: > Does cyglsa attempt to deal with nested group membership? If group B > is a member of group A, and I am a member of group B, will group A > appear in the "groups" command output? cyglsa is not doing that on its own. The actual mechanism to construct the group list is in the Cygwin DLL, and it's the exact same mechanism used when creating the token from scratch per http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview, without password, method 1. Essentially it boils down to calling NetUserGetGroups (logonserver, user, ...) NetUserGetLocalGroups (logonserver, user, 0, LG_INCLUDE_INDIRECT, ...) Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple