This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: security.cc: bug report, question and suggestion


On Tue, Jan 29, 2002 at 09:32:06PM -0500, Pierre A. Humblet wrote:
> When ntsec is not defined, internal_getlogin matches the
> Windows username with the pw_name's in passwd to find the uid.
> When ntsec is defined, internal_getlogin scans passwd by sid's.
> Cygwin user names can then be different from Windows user names.
> 
> In my case the program was running as a service under cygrunsrv. 
> ntsec was not defined in the environment of the service manager, 
> but only as a -e CYGWIN= argument to cygrunsrv. 
> When cygrunsrv started it didn't find the Windows username in pw_name
> and used the default uid. When the service application started, with
> ntsec, it didn't scan the passwd file because cygrunsrv is a Cygwin 
> process. Thus the username and uid were incorrect under ntsec...
> 
> The same problem happens when a user with a Cygwin username
> different from Windows starts without ntsec.
> 
> I saw 4 possible solutions.
> 1) Mandate ntsec if Cygwin and Windows user names differ.
> Not so good. /etc/passwd is a shared resource and different users
> may have different ntsec preferences. Unexpected situations can 
> occur.

But that's the whole point of having `ntsec' on.  As I described in
the ntsec docs (http://cygwin.com/cygwin-ug-net/ntsec.html) having a
Cygwin username different from the Windows username is explicitely
a property of `ntsec'.  Having a different username is not supported
w/o ntsec.

Besides that, I can't suggest using ntsec for one user but nontsec
for another user.  This results in weird effects for the user who's
not using ntsec.  According to the `ls -l' output she has access to
file "foo" but a `cat foo' returns "Permission denied".  I admit
that that also may happen with ntsec on, due to the complexity of
NT permissions which aren't reflected by the `ls -l' output.  But the
surprises should be few.

> 4) Always scan /etc/passwd for sid (on NT/2000/XP). If no success,
> rescan based on Windows username.
> A little inefficient at startup if ntsec is not enabled, but most 
> flexible [the two searches can also be combined, possible 
> optimization].

I think you're right that we should always look for the SID in
/etc/passwd at that point.  The problem is exactly the startup of
cygrunsrv with no CYGWIN setting in the system environment.  I'm
so used to having the usual "CYGWIN=binmode ntsec tty" in my system
environment that I'd never seen that problem.

> The attached uinfo.diff file implements solution 4.
> It also does not set primary group in the token (useless).

No, it's not useless.  If this process starts non-Cygwin processes
this processes will set the users primary group given in /etc/passwd
as primary group for created files.  That's intended.  I will not
remove that.

However, I have some problems with your patch to uinfo.cc.

- It eliminates the opening brace at line 130 but it eliminates an
  unrelated closing brace at line 193.  The corresponding closing
  brace would be in line 212.  Is that planned - and if so, why -
  or is that just an accident?
- The formatting isn't correct anymore after eliminating the braces.
- I'm missing a ChangeLog entry for that patch.

Could you please resubmit your patch with these changes to the
cygwin-patches mailing list?  And would you mind to send a copyright
assignment form as described on http://cygwin.com/contrib.html?

Thanks for tracking that down.  This could explain some of the
problems people have starting sshd, perhaps.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]