This is the mail archive of the
mailing list for the Cygwin project.
Re: security.cc: bug report, question and suggestion
On Sat, Dec 29, 2001 at 03:23:01PM -0500, Pierre A. Humblet wrote:
> Bug in security.cc:
> The intent of open_local_policy() is to return an INVALID
> handle if the call to LsaOpenPolicy() fails. Unfortunately
> the failed call changes the value of lsa. The fix is obvious.
Thanks for the heads up. I've checked in a patch.
> Breakpoint 3, open_local_policy () at /src/winsup/cygwin/security.cc:183
> 184 LSA_HANDLE lsa = INVALID_HANDLE_VALUE;
> (gdb) s
> 186 NTSTATUS ret = LsaOpenPolicy(NULL, &oa, POLICY_ALL_ACCESS, &lsa);
> (gdb) p lsa
> is the Policy Object only accessible by administrators
> or is there some ACL that can be set? I was unable
> to find info on the Microsoft site.
AFAIK, it's accessible by everyone but it's only changable
by administrators. I've checked in a patch so that the
call to LsaOpenPolicy() only requests the needed user rights.
> In cygrunsrv.README, could you add that the user specified
> with -u must have the "Logon as a service" privilege?
Done. But I will not upload a new version of cygrunsrv just for
a change to the README.
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:email@example.com
Red Hat, Inc.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html