Corinna or Pierre please comment? [ Re: setuid() problem when disconnected from PDC under 1.3.12-2]

Jason Tishler
Mon Jul 15 05:51:00 GMT 2002


On Mon, Jul 15, 2002 at 11:07:33AM +0200, Corinna Vinschen wrote:
> So, basically the current implementation is more correct than the old
> implementation.  I don't see how to make it better.

But, the current implementation causes sshd and cron to fail for domain
users when their server is disconnected from its PDC.  IMO, this is not

> [snip]
> We *could* change it this way to succeed more often:
>   GetPDC();
>   if (has_pdc)
>     {
>       get_domain_groups_of_account();
>       get_local_groups_of_account();
>       if (!has_primary_group)
> 	get_primary_group_of_account();
>     }
>   if (!has_primary_group)
>     get_primary_group_from_etc_passwd();
>   get_supplementary_groups_from_etc_group();
> That could leave you with a somewhat restricted token, though.

I haven't fully evaluated the above ramifications, but IMO, some
relaxation of the current implementation is needed.

What do others think?


More information about the Cygwin-developers mailing list