This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: running MS link.exe under Cygwin sshd?
- From: Dave Korn <dave dot korn dot cygwin at googlemail dot com>
- To: cygwin at cygwin dot com
- Date: Sat, 01 Aug 2009 07:13:25 +0100
- Subject: Re: running MS link.exe under Cygwin sshd?
- References: <COL101-W36BBE2AAC62BCE7BE9CDE4E6110@phx.gbl>
Jay K wrote:
> http://social.msdn.microsoft.com/forums/en-US/vcgeneral/thread/eb49be0b-2a8c-4d55-8791-17e3cb1364c1
>
>
> " This issue is caused because cygwin does not implement a full login
> process. It tries to impersonate, but it looks to me as if it does not make
> the necessary call to LsaLogonUser. As a result, the wrong SID is in the
> token as the primary user. According to filemon, the debug server calls into
> secur32, which suggests that it is doing interpretive access control. It
> finds the service's SID instead of the users SID in some slot in the token
> that it gets via RPC, and then everything goes downhill from there.Why VS
> feels the need to put the PDB access in a separate process under separate
> access rights is very puzzling, but there it is. "
>
>
> Bug in Cygwin sshd?
No, it's because Cygwin does not implement a full login process. It tries to
impersonate, but because it does not make the necessary call to LsaLogonUser,
the wrong SID is in the token as the primary user. As a result, VS finds the
service's SID instead of the user's SID in some slot in the token that it gets
via RPC, and then everything goes downhill from there.
Why VS feels the need to put the PDB access in a separate process under
separate access rights is very puzzling, but there it is.
cheers,
DaveK
--
Perhaps you need to re-read the manual:
http://cygwin.com/1.7/cygwin-ug-net/ntsec.html#ntsec-setuid-overview
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple