This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member

On Wed, Nov 13, 2002 at 10:35:09PM -0500, Pierre A. Humblet wrote:
> I would say that the comparison (on your example) of the existing method 
> and the current patch show that the current patch better reflects the 
> "reality", because it only tries to do so when the actual current token 
> groups are known and the "reality" is well defined (*). 

> (*) I just noticed that getgroups32 should read the impersonation token
> if it exists.

Isn't the impersonation token automatically read by OpenProcessToken()
when an impersonation took place?

> Thus I suggest that we use the method of the patch for now, and think
> of improving is_grp_member if/as we get specific reports of problems. 
> What do you think?

Do you mean my one liner?  If so, I agree.  My patch is just a starting

Could you then please resend the parts of your #1 patch we agreed upon?


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                      
Red Hat, Inc.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]