This is the mail archive of the
cygwin-apps@cygwin.com
mailing list for the Cygwin project.
RE: NFS server (final?)
- From: "Robb, Sam" <sam dot robb at timesys dot com>
- To: <cygwin-apps at cygwin dot com>
- Date: Wed, 12 Feb 2003 16:02:48 -0500
- Subject: RE: NFS server (final?)
> Only if you changed the uid of the Administrator account to 0 by hand.
I have *not* done anything on my system to add a root user or any user
with uid 0; and yet, seteuid(0) apparently succeeds.
> If you actually switch the user context, the application must not rely
> on having uid 0 == root or having uid 0 at all.
What's the recommended way of dealing with this? The code in the server
does something along the lines of:
seteuid(ROOT_UID)
setegid(gid)
setgroups(len, gids)
seteuid(uid)
(Error checking obviously ignored.) From what I can tell in the Cygwin
docs, the seteuid(ROOT_UID) call shouldn't be neccesary:
"Since Cygwin release 1.3.3, applications having the Create a process
level token user right can switch user context without giving a
password by just calling the usual setuid, seteuid, setgid and
setegid functions. This is typically only given to the SYSTEM user."
So, is the answer to remove the seteuid(ROOT_UID) call, and document
the requirement that the server be run under an account with the "Create
a process level token" right?
-Samrobb