This is the mail archive of the
mailing list for the Cygwin project.
Re: [RFC] Globally creating a user and a group "root"
At 12:33 PM 11/12/2003 +0100, Corinna Vinschen wrote:
>On Wed, Nov 12, 2003 at 05:37:33AM -0500, Pierre A. Humblet wrote:
>> At 10:56 AM 11/12/2003 +0100, Corinna Vinschen wrote:
>> >On Tue, Nov 11, 2003 at 01:22:50PM -0500, Pierre A. Humblet wrote:
>> >> It autodetects if it is privileged and, if so, setgid(544) & setuid(18)
>> >> to normalize its environment (that was done with Windows 2003 in mind).
>> >I don't understand. You were the one who figured out the 2003 problem
>> >with the SYSTEM account. So, erm...
>> No sure what you mean. Recall that when we setuid(18) we use the privileges
>> that are defined for SYSTEM in security.cc, not those that MS assigns on
>I don't understand the "that was done with Windows 2003 in mind".
>Setting the uid to 18 in exim seems counterproductive in that environment.
The problem I was addressing is that on 2003 users create a privileged
account with an arbitrary uid (up to now). On the other hand Exim (which is
suid on a real Unix system) enters a restricted mode if the uid isn't a
predefined hard coded value (0 on Unix, 18 in Cygwin). So I have a front
end that setuid to 18 if the real user is privileged. The main exim code only
sees 18 and behaves without restrictions.
>> By introducing the root user on 2003 we are undoing positive steps taken by
>Well, I don't see these steps as positive. To me it looks like healing
>the effect, not the cause. From my point of view, the whole authentication
>problems and the missing suid/sgid bit concept are a design flaw. YMMV.
OK, perhaps positive isn't the right word. But what MS did does increase