This is the mail archive of the
cygwin-patches@cygwin.com
mailing list for the Cygwin project.
Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member
On Thu, Nov 14, 2002 at 06:23:23PM +0100, Corinna Vinschen wrote:
> On Thu, Nov 14, 2002 at 12:03:24PM -0500, Pierre A. Humblet wrote:
> > If you are emulated, you already have the token in the cygheap->user.
> > There is no need to open the thread, see how it's done e.g.in setegid.
>
> Good point.
>
> > You want to know if the file owner uid is in the group of the file gid.
> > Write a new routine scanning the /etc/group file until you find the gid.
> > Then scan the members of that group to see if the uid is in it.
> > That's it (well, there will be mutex too, against threads rereading /etc/group).
>
> Also a good point. I'm going to rewrite is_grp_member().
I've checked in a patch to getgroups32() and is_grp_member().
getgroups32() now only makes sense for the current user again. It uses
the impersonation token if impersonated.
is_grp_member() calls getgroups32() only for the current user and
scans passwd and group otherwise, trying to be more efficient.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
- References:
- Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member
- Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member
- Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member
- Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member
- Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member
- Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member
- Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member
- Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member
- Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member