Mailing-List: contact cygwin-developers-help AT sourceware DOT cygnus DOT com; run by ezmlm
Sender: cygwin-developers-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin-developers AT sources DOT redhat DOT com
Message-ID: <39760A4F.1AB1D91F@cygnus.com>
Date: Wed, 19 Jul 2000 22:06:39 +0200
From: Corinna Vinschen
Reply-To: cygdev
X-Mailer: Mozilla 4.73 [en] (X11; I; Linux 2.2.14-SMP i686)
X-Accept-Language: de, en
MIME-Version: 1.0
To: cygwin-developers AT sources DOT redhat DOT com
Subject: Re: login-1.3 can't work on the recent snapshots.
References: <20000719141458 DOT D17938 AT cygnus DOT com> <3975FB88 DOT 5A96123E AT cygnus DOT com> <20000719150450 DOT C18820 AT cygnus DOT com> <39760766 DOT 7DCBF763 AT cygnus DOT com> <20000719155710 DOT D19551 AT cygnus DOT com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Chris Faylor wrote:
>
> On Wed, Jul 19, 2000 at 09:54:14PM +0200, Corinna Vinschen wrote:
> >Chris Faylor wrote:
> >> I'm not sure why it is a problem even for when child == myself,
> >> actually.
> >
> >The below code could produce that (from spawn_guts):
> >
> >==== SNIP ====
> >  /* Remove impersonation */
> >  uid_t uid = geteuid();
> >  if (myself->impersonated && myself->token != INVALID_HANDLE_VALUE)
> >    seteuid (myself->orig_uid);
> >
> >  /* Set child->uid to USHRT_MAX to force calling internal_getlogin()
> >     from child process. Set psid to NULL to play it safe. */
> >  child->uid = USHRT_MAX;
> >  child->psid = NULL;
> >
> >  rc = CreateProcessAsUser (...);
> >
> >  /* Restore impersonation */
> >  if (myself->impersonated && myself->token != INVALID_HANDLE_VALUE)
> >    seteuid (uid);
> >==== SNAP ====
> >
> >Assuming that myself==child, the last part (restoring the impersonation)
> >would be able to influence the child. The child would get a uid which
> >is the wrong one and additionally forbids calling internal_getlogin.
> >Hmm. Nonsense!
> >This can only affect things when the new impersonation interface
> >(cygwin_logon_user, cygwin_set_impersonation_token, setuid) is used,
> >which isn't the case in login-1.3. I'm as smart as before...
>
> Ok. So, it seems like you just don't need to do the second seteuid when
> mode == _P_OVERLAY . Right?

This might help. I will change that, however.

Corinna

--
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company
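Added illustration, not part of the thread and not Cygwin's own code: a simplified C model of the spawn_guts fragment quoted above. It shows the two conditions the discussion turns on: the restore step only does anything when the caller is actually impersonated, and it only reaches the child when the child record is the caller's own record (the _P_OVERLAY case), where it overwrites the USHRT_MAX marker that is meant to force internal_getlogin() in the child. The model also carries the proposed fix, skipping the second seteuid when mode == _P_OVERLAY. All type and function names here (model_pinfo, model_spawn, model_seteuid, MODEL_P_OVERLAY, the uid values) are assumptions made for the example; CreateProcessAsUser is not modelled.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for Cygwin's internals (not the real definitions). */
typedef unsigned int muid_t;
#define MODEL_INVALID_TOKEN (-1)
#define MODEL_P_OVERLAY 1   /* stands in for _P_OVERLAY: the caller becomes the child */
#define MODEL_P_NOWAIT  2   /* any mode in which the child gets its own record */

struct model_pinfo {
    muid_t uid;          /* effective uid recorded for this process */
    muid_t orig_uid;     /* uid in effect before impersonation began */
    bool impersonated;
    int token;           /* MODEL_INVALID_TOKEN when there is no impersonation token */
    const char *psid;
};

/* Model of seteuid(): the only effect tracked here is the uid stored in the record. */
static void model_seteuid(struct model_pinfo *p, muid_t uid) { p->uid = uid; }

/* Model of the quoted spawn_guts fragment. 'child' may alias 'myself' (overlay). */
static void model_spawn(struct model_pinfo *myself, struct model_pinfo *child,
                        int mode, bool skip_restore_on_overlay)
{
    /* Remove impersonation */
    muid_t uid = myself->uid;
    if (myself->impersonated && myself->token != MODEL_INVALID_TOKEN)
        model_seteuid(myself, myself->orig_uid);

    /* Mark the child so that it recomputes its login via internal_getlogin() */
    child->uid = USHRT_MAX;
    child->psid = NULL;

    /* CreateProcessAsUser(...) would run here; nothing to model offline */

    /* Restore impersonation; with the fix, skipped when we ourselves are the child */
    if (skip_restore_on_overlay && mode == MODEL_P_OVERLAY)
        return;
    if (myself->impersonated && myself->token != MODEL_INVALID_TOKEN)
        model_seteuid(myself, uid);
}

/* Runs one spawn and reports the uid left in the child record.
   Constructed values: the caller runs as uid 1001 after impersonating from 500. */
muid_t child_uid_after_spawn(int mode, bool impersonated, bool skip_restore_on_overlay)
{
    struct model_pinfo me = {
        .uid = 1001, .orig_uid = 500, .impersonated = impersonated,
        .token = impersonated ? 7 : MODEL_INVALID_TOKEN, .psid = "constructed-sid",
    };
    struct model_pinfo separate = me;       /* a distinct child record */
    struct model_pinfo *child = (mode == MODEL_P_OVERLAY) ? &me : &separate;
    model_spawn(&me, child, mode, skip_restore_on_overlay);
    return child->uid;
}

int main(void)
{
    printf("overlay, impersonated, restore kept:    %u\n",
           child_uid_after_spawn(MODEL_P_OVERLAY, true, false));
    printf("overlay, impersonated, restore skipped: %u\n",
           child_uid_after_spawn(MODEL_P_OVERLAY, true, true));
    printf("overlay, not impersonated:              %u\n",
           child_uid_after_spawn(MODEL_P_OVERLAY, false, false));
    printf("separate child record, impersonated:    %u\n",
           child_uid_after_spawn(MODEL_P_NOWAIT, true, false));
    return 0;
}
```

Only the first case ends with the child's uid clobbered back to 1001; when the caller is not impersonated, or when the child has its own record, the marker survives, which is the observation behind "This can only affect things when the new impersonation interface is used."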