This is the mail archive of the cygwin-patches mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [Patch] Allow to disable root privileges with CYGWIN=noroot

From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
To: cygwin-patches at cygwin dot com
Date: Sun, 18 Oct 2009 11:07:21 +0200
Subject: Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
References: <20091004200843.GK4563@calimero.vinschen.de> <4ACFAE4D.90502@t-online.de> <20091010100831.GA13581@calimero.vinschen.de> <4AD243ED.6080505@t-online.de> <20091013102502.GG11169@calimero.vinschen.de> <4AD4E38A.2050301@t-online.de> <20091014104003.GA24593@calimero.vinschen.de> <1My1yO-0KvdnE0@fwd09.aul.t-online.de> <20091014120237.GA27964@calimero.vinschen.de> <4AD9B646.5000906@t-online.de>
Reply-to: cygwin-patches at cygwin dot com

On Oct 17 14:19, Christian Franke wrote:
> Observation: When Cygwin spawns a process with CreateProcessAsUser(), the 
> child process main thread has a token after startup.
>
> $ ./gettokinfo -t
> OpenThreadToken: 1008
>
> $ ./cygdrop ./gettokinfo -t
> Thread Token
> Type: Impersonation
> Impersonation Level: SecurityImpersonation
> ...
>
> The problem is that some calls (from _cygtls?) to user.reimpersonate() 
> appear between startup and uinfo_init(). uinfo_init() does not call 
> RevertToSelf() after closing the inherited token.
>
> Quick fix:
>
> @@ -155,7 +161,7 @@ uinfo_init ()
>    cygheap->user.curr_token_is_restricted = false;
>    cygheap->user.setuid_to_restricted = false;
>    cygheap->user.set_saved_sid ();      /* Update the original sid */
> -  cygheap->user.reimpersonate ();
> +  cygheap->user.deimpersonate ();
> }
>
> Typo ?

Oversight, it seems.  The reimpersonate call was ok in Cygwin 1.5 since
the process was always running under an impersonation token and
reimpersonate() looked different back then.

Thanks for catching!


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

References:
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Corinna Vinschen
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Christian Franke
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Corinna Vinschen
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Christian Franke
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Corinna Vinschen
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Christian Franke
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Corinna Vinschen
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Christian Franke
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Corinna Vinschen
- Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
  - From: Christian Franke

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]