This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: 'su' no longer working?


On Mon, 9 Jan 2006, Eric Blake wrote:

> According to Igor Peshansky on 1/9/2006 6:04 AM:
> >
> > Right, that's pretty much what I was asking for above.  Eric, if it
> > helps, I can look into submitting the patch later this week, though I
> > haven't looked at the coreutils code in a while, so it might take some
> > time to understand the specifics.
>
> I've already been playing some with a cygwin-specific patch.  Using the
> tips at http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid, I have
> already gotten a working implementation that will switch user context on
> NT machines with a password.  But I still want to get passwordless
> switching working where possible.  The patch should apply to src/su.c
> provided in the 5.93-2 source tarball from setup.exe, as a starting
> point for your hacking.

Ok, thanks, I'll play around with it...

> Speaking of which, I noticed that in my attached patch (work in
> progress), I got a failure return for PrivilegeCheck on my NT machine
> when run as SYSTEM, even though my understanding is that on NT, SYSTEM
> has the privileges of passwordless context switching.  Any ideas what I
> might need to fix to make this check more robust, short of just trying a
> setuid() to see if it will succeed without first doing the
> cygwin_logon_user()/cygwin_set_impersonation_token() check?

Heh, what's wrong with doing that?  If setuid() fails, try it with a
password -- I can't think of any caveats, frankly...  Corinna?
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_	    pechtcha@cs.nyu.edu | igor@watson.ibm.com
ZZZzz /,`.-'`'    -.  ;-;;,_		Igor Peshansky, Ph.D. (name changed!)
     |,4-  ) )-,_. ,\ (  `'-'		old name: Igor Pechtchanski
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
"But no -- you are no fool; you call yourself a fool, there's proof enough in
that!" -- Rostand, "Cyrano de Bergerac"


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]