This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: exec after seteuid


Corinna Vinschen wrote:
> 
> On Mon, Jun 09, 2003 at 12:43:13PM -0400, Pierre A. Humblet wrote:
> > Corinna Vinschen wrote:
> > > it changes the impersonated access token if priv_gid is in the group
> > > list of the new users token.
> >
> > Nope. The token is only changed by set(e)uid(), never by set(e)gid().
> > Set(e)gid only changes the default group in the token, not the token
> > itself (that's your design, or perhaps even older, and it's just fine).
> 
> There's SetTokenInformation(TokenPrimaryGroup) called in setegid32.

Yes, but it's a misleading name. It only affects the (default) group of
files created by Windows programs launched by Cygwin.
Also, starting with Win2000, such a call will fail in the case when the
group given as argument is not in the token groups.

> > But the intermediate switch back to 18 will then create a new token and
> > discard the token given by cygwin_set_impersonation_token.
> 
> Why should it?  If the group hasn't changed before, the seteuid(priv_uid)
> reverts to the original uid/gid combination.  That's exactly the case
> which should result in calling RevertToSelf() and nothing else.

Right, but if the gid hasn't changed before, the initial setuid(user) may
have created a new token (and discarded the token we want to use :( ).
See previous mail. Otherwise you end up running with a gid that's not in
your token groups. That can lead to all kinds of troubles.

Pierre


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]