This is the mail archive of the cygwin-developers mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
On Feb 5 17:31, Corinna Vinschen wrote:On Feb 5 15:58, Shaddy Baddah wrote:I thought it was common knowledge that logging in to an Administrtors grouped user in Vista or Windows 7 is not enough to defeat the (default) UAC, and you remain unelevated from a privilege standpoint. That is why I have no choice but to unlock the genuine Administrator (and rename it just in case).
No, that's not quite correct. If you call LogonUser (or the cyglsa sort of password-less authentication) successfully, the system returns the non-elevated token as well as the elevated token as a so-called linked token. In case of pubkey authentication, Cygwin refers to the elevated token and uses that to switch the user context. In case of password authentication it does not do that so far.
In CVS it does now.
login as: shaddy shaddy@***-vista's password: Last login: Sun Feb 7 03:13:03 2010 from ***
shaddy@***-vista ~ $ id -a uid=1000(shaddy) gid=513(None) groups=545(Users),513(None)
login as: shaddy shaddy@***-vista's password: Last login: Sun Feb 7 03:20:40 2010 from ***
Thanks, Shaddy
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |