X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-1.4 required=5.0	tests=AWL,BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,KHOP_RCVD_TRUST,RCVD_IN_DNSWL_LOW,RCVD_IN_HOSTKARMA_YE,TW_NX,TW_PW,TW_TP,TW_YG
X-Spam-Check-By: sourceware.org
MIME-Version: 1.0
Date: Thu, 11 Oct 2012 00:07:17 +0800
Message-ID: <CALGdGTZUGFC7h999PvBSo=VZ1BXoS-SQJTjDtmUAiSm83iex-A@mail.gmail.com>
Subject: If administrator setuid to a normal user, then call execvp failed.
From: dds810818 dds810818 <dds810818 AT gmail DOT com>
To: cygwin AT cygwin DOT com
Content-Type: text/plain; charset=ISO-8859-1
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

My cygwin version:
$ cygcheck -c cygwin
Cygwin Package Information
Package              Version        Status
cygwin               1.7.15-1       OK

OS: winxp 64bit

My problem:
There are 3 users in my windows: user1, user2 and user3.
user1 is in administrators group and user group.
user2 is in administrators group.
user3 is in user group.

user1 has "Act as part of the operating system", "Replace process
level token", "Debug programs", "Logon as a service" permissions.
(Actually, it need a "Increase quotas" permission, but I can not find it.)

The program worked fine when convert from user1 to user2.
(Logon winxp by user1.)
./test user2 letmein

The program failed when convert from user1 to user3.
./test user3 letmein
But it worked if to run "sleep" in execvp as the code I commented on line 30.

Cloud anyone help to check this problem?
Thanks.


test.c
---------------------------------------------------------------------------------------
#include <stdio.h>
#include <unistd.h>
#include <windows.h>
#include <sys/cygwin.h>
#include <pwd.h>
#include <errno.h>

int main(int argc, char *argv[]){
	struct passwd *user_pwd_entry = getpwnam (argv[1]);
	char *cleartext_password = argv[2];
	
	printf("%s--%s--\n",argv[1],argv[2]);
	HANDLE token;
	/* Try to get the access token from Windows. */
	token = cygwin_logon_user(user_pwd_entry, cleartext_password);
	if (token == INVALID_HANDLE_VALUE) {
		printf("cygwin logon failed.\n");
		exit(1);
	}
	int res=0;
	/* Inform Cygwin about the new impersonation token. */
	cygwin_set_impersonation_token(token);
	printf("uid:%ld---gid:%ld\n", user_pwd_entry->pw_uid, user_pwd_entry->pw_gid);
		
	res = setuid(user_pwd_entry->pw_uid);
	if(res<0){
		printf("setuid failed of %d\n",EPERM);
	}
	printf("startup!\n");
//	char* comm[]={"sleep","30",NULL};
	char* comm[]={"notepad",NULL};
	res = execvp(comm[0],comm);
	printf("execvp end.");
	if(res !=0){
		perror("execvp error:");
	}
	return 0;
}
-----------------------------------------------------------------------------------------------------------------------

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple