Question about UAC and bash/cygwin

Linda Walsh cygwin@tlinx.org
Thu Aug 16 22:46:00 GMT 2012


Lord Laraby wrote:
> 
> I'll give that a go as a start. But, I would still like to see by
> Cygwin uid shown as 0 when I am elevated. Because it's the same as the
> windows equivalent of su.
---
	I think where you are confused is that cygwin's shell is
elevated all the time if you are running as admin...

It's *almost* like the good ole days when you owned your machine
and you were the only one on it..... but not quite..

cygwin can't directly access 64-bit resources and is therefor subject
to path redirection.

But if you put the 'right' values in your groups file:
when you type id you will see not only your groups, but your tokens as well (if 
you've
populated your group file).

> id
uid=1001(lindaw) gid=544(Administrators) 
groups=544(Administrators),11(Authenticated 
Users),513(None),545(Users),555(Remote Desktop Users),1005(lawgroup),12288(High 
Mandatory Level)

So ... from the above, I am in group "root" (which is called Administrators and 
has a value
of 544 on windows) I'm in the authenticated users group (I'm logged in).
513 is for Domain Users, but for a standalone machine... cygwin defaults it to none.

and the HighMandatory is my integrity...

Values for those in /etc/group would be:

High Mandatory Level:S-1-16-12288:12288:
System Mandatory Level:S-1-16-16384:16384:
Protected Mandatory Level:S-1-16-20480:20480:
Secure Mandatory Level:S-1-16-28672:28672:

I also have this for Trusted Installer, but it may be specific to my system:

TrustedInstaller:S-1-5-80-3139157870-2983391045-3678747466-658725712-1809340420:1809340420

If you want to see yourself in group root, you can add this
to your /etc/group file:
root:S-1-5-32-544:0:
               ^^^--- notice the 544 -- that's the number windows uses

you should have an entry in your group file like:

Administrators:S-1-5-32-544:544:
                          ^^^^^ that's the real Admin/root group, and it 
normally is mapped to
the number windows uses.

Some other group entries that might come in handy:

SERVICE:S-1-5-6:6:
Authenticated Users:S-1-5-11:11:
SYSTEM:S-1-5-18:18:
Local Service:S-1-5-19:19:
Network Service:S-1-5-20:20:
Administrators:S-1-5-32-544:544:
Users:S-1-5-32-545:545:
Guests:S-1-5-32-546:546:
Power Users:S-1-5-32-547:547:
Remote Desktop Users:S-1-5-32-555:555:

Does that help clarify anything Lord?


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list