X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=NwwwLXoSY8IWtrSdYrG/Hn99YVxdEzl75OWYuS1mWBDOveLV9pMrm
	+ashYdTWqbx0VICEEMzR35fiarWT6Rvw3TUbfPwO/yxuTwoYjvQ7IidRx5QTcN9r
	wr5GLqQHIxJj4/nQ1fZoNz55YyUWKA43UAwWRmDemOcfAkzm1T0R+I=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; s=default;
	 bh=Oi5B2jw3hFKsJffXTV0UqS/lYyc=; b=r675GXisr5PPqX6/DAITmsqlVSNo
	VyIPG9OuG9nyw3vVOHATCkQgnTcoJDBbx/GP0xOQIE4GYjwO8xONQ1SbFxPU8kwk
	Un/Uvj9hlfELjPqE7C6rGKki/2rzmGz1Fx+lw6JnRU0yeX+FJs7Isfll1+YwdiJM
	0T5Dj/LyDDDvD/o=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2
X-HELO: calimero.vinschen.de
Date: Thu, 5 Feb 2015 12:39:26 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: how to determine if a shell is running as Administrator?
Message-ID: <20150205113926.GT2635@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <slc6da9aq8g9e7h0aegafhfa86eahfd53p AT 4ax DOT com> <20150205100349 DOT GS2635 AT calimero DOT vinschen DOT de> <87siekhaz6 DOT fsf AT Rainer DOT invalid>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;	protocol="application/pgp-signature"; boundary="JvUS8mwutKMHKosv"
Content-Disposition: inline
In-Reply-To: <87siekhaz6.fsf@Rainer.invalid>
User-Agent: Mutt/1.5.23 (2014-03-12)

--JvUS8mwutKMHKosv
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Feb  5 12:08, Achim Gratz wrote:
> Corinna Vinschen writes:
> >> 2. Parse the output of groups or id -G.  I can't find any reliable way=
 to do
> >> this.  For example on my host, when I start a shell with "Run as admin=
istrator",
> >> the new group I get isn't 544 (Administrators).  It's 114 (Local accou=
nt and
> >> member of Administrators group).  Is that at all portable or reliable?
> >
> > Huh?  There is no such group in Windows.  Where does it come from?
>=20
> Yes there is, at least on Windows 8.1N Core and Server 2012R2.  In fact
> there are two new SID:
>=20
> 113 (Local account)
> 114 (Local account and member in Administrators group)
>=20
> http://blogs.technet.com/b/secguide/archive/2014/09/02/blocking-remote-us=
e-of-local-accounts.aspx
> https://msdn.microsoft.com/en-us/library/cc980032.aspx

Thanks for the info.  Now I remember that I saw them already at one
point, but I never had a deeper look what they actually are good for.

However, the user token of such a user still contains the Administrators
group (I just tested it) and thus the `id -G' test for 544 (or 0 with
the old "root" entry in /etc/group) is still valid.


Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--JvUS8mwutKMHKosv
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJU01ZuAAoJEPU2Bp2uRE+gi5YQAIBjVZFd9Dm6cvbn+q+ESufi
2wULOGO68qgIzK47NDucznu3GMgH9JSRqdBi/5CVmqPrVti3xbZg+e+SF02O5KWl
eCpERo0MupqakiJyvhRnR5ZS4ktJ32ckDnkisywAEto/fcaAnffM/lN3igQrH64C
l/iYfit811LsIpcm56g8R9SP46RIdksuekQRrZ/41aepBacassAckAgjH+OQpY7t
ceUr2V8QQrmW/VYT4n/6rh1TchZewvLrPnUAdbd5gAKVLfTjeThqxZMHyNrK0iTG
1OEXvd00s7LuLY2BiqTjYVQRq9fuZPjPjultkdxKfHItkNwepXY1GMWG0q8glziW
ce/ckjAq+QYyDDH5JtfIS66p4K3Fxm1ZEQwAsdUCdoX6X1wuK1Xob4zQdrzUsyns
WIvFh+AMECrg+xGGh6PuYJJ05k/lBnVl0tO4PX4OYORRFW/AoUmzB0r4nWgb5gyH
jKTwJIMnb2dYhATnpcNQ5Bg0h1TYWvgydQSSnhysvOV2jsRcHbvERfJFAeE8audc
lRBB/lWPWZuqYSxi26iXE2eyAMIvVUxGtGH88cCqX/M72ggfwVDhGcWNgAC2/qc2
OX8tmmmeMiYjjEnuepx5AOy6jxOlKA/RGteeaGfx4OKBuMzLfCAa+oilM2mVBUcm
YMpj3F/51QEwZN8CFAuN
=UG+U
-----END PGP SIGNATURE-----

--JvUS8mwutKMHKosv--