This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.
At 10:04 PM 6/7/2003 +0200, Corinna Vinschen wrote:
>I just had a look into the current login.c implementation on NetBSD.
>It is using setuid/setgid. Actually it's using setusercontext(3)
>but with all options set which implies setuid/setgid. Yes, using
>only seteuid/setegid in login has to be considered an error which
>just didn't matter so far.

Corinna,

here is the patch. It seems to work fine but it requires login.exe changes.
It's not just a question of security. ash does not setuid, while bash setuid(getuid()), i.e. just the opposite of what we need.

While I was looking at the most recent login.c I saw that you have added a seteuid (priv_uid). Ideally, shouldn't it still be effective while calling dolastlog()? It's weird that the Berkeley code didn't do that.

There is also the issue raised by Takashi Yano on the list. I have thrown in the little exceptions.cc quoting patch.

2003-06-09  Pierre Humblet  <pierre.humblet@ieee.org>

* spawn.cc (spawn_guts): Call CreateProcess while impersonated, when the real {u,g}ids and the groups are original. Move RevertToSelf and ImpersonateLoggedOnUser to the main line.
* uinfo.cc (uinfo_init): Reorganize. If CreateProcess was called while impersonated, preserve the uids and gids and call ImpersonateLoggedOnUser. Preserve the uids and gids on Win9X.
* exceptions.cc (error_start_init): Quote the pgm in the command.
Attachment:
seteuid.diff
Description: Text document