This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: security.cc: bug report, question and suggestion


At 07:41 PM 1/23/02 +0100, Corinna Vinschen wrote:
>On Wed, Jan 23, 2002 at 01:22:29PM -0500, Pierre A. Humblet wrote:
>> OK, but can you give suggestions about how to debug processes 
>> started under cygrunsrv? I tried to have cygrunsrv start a shell
>> and put strace in the shell script. However the problem does not 
>> occur with this setup, only when the program is started directly.
>> Is there a way to produce Cygwin internal debug output without strace?
>
>Have a look into `how-to-debug-cygwin.txt' in the cygwin source
>directory.  You can use the CYGWIN_SLEEP technique, for instance.

Corinna,

Sorry for the delay, I have been sidetracked. Here is an 
explanation and a fix for the problem of incorrect uid
when the Cygwin and Windows usernames differ.
 
The passwd file is only scanned when starting a process from Windows,
or following seteuid().
When ntsec is not defined, internal_getlogin matches the
Windows username with the pw_name's in passwd to find the uid.
When ntsec is defined, internal_getlogin scans passwd by sid's.
Cygwin user names can then be different from Windows user names.

In my case the program was running as a service under cygrunsrv. 
ntsec was not defined in the environment of the service manager, 
but only as a -e CYGWIN= argument to cygrunsrv. 
When cygrunsrv started it didn't find the Windows username in pw_name
and used the default uid. When the service application started, with
ntsec, it didn't scan the passwd file because cygrunsrv is a Cygwin 
process. Thus the username and uid were incorrect under ntsec...

The same problem happens when a user with a Cygwin username
different from Windows starts without ntsec.

I saw 4 possible solutions.
1) Mandate ntsec if Cygwin and Windows user names differ.
Not so good. /etc/passwd is a shared resource and different users
may have different ntsec preferences. Unexpected situations can 
occur.

2) Have the parent process notice that CYGWIN was changed and
force the child to rescan /etc/passwd
Complicated.

3) Rescan /etc/passwd if ntsec is defined and the uid is the 
default (= administrator).
OK, but users running as administrator will be slowed down.

4) Always scan /etc/passwd for sid (on NT/2000/XP). If no success,
rescan based on Windows username.
A little inefficient at startup if ntsec is not enabled, but most 
flexible [the two searches can also be combined, possible 
optimization].

The attached uinfo.diff file implements solution 4.
It also does not set primary group in the token (useless).

I have also been burned by missing details in how-to-debug-cygwin.txt
and attach another diff file to improve it.

Pierre

Attachment: uinfo.diff
Description: Text document

Attachment: how-to-debug-cygwin.diff
Description: Text document

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]