If administrator setuid to a normal user, then call execvp failed.

dds810818 dds810818 dds810818@gmail.com
Wed Oct 10 16:07:00 GMT 2012 

My cygwin version:
$ cygcheck -c cygwin
Cygwin Package Information
Package              Version        Status
cygwin               1.7.15-1       OK

OS: winxp 64bit

My problem:
There are 3 users in my windows: user1, user2 and user3.
user1 is in administrators group and user group.
user2 is in administrators group.
user3 is in user group.

user1 has "Act as part of the operating system", "Replace process
level token", "Debug programs", "Logon as a service" permissions.
(Actually, it need a "Increase quotas" permission, but I can not find it.)

The program worked fine when convert from user1 to user2.
(Logon winxp by user1.)
./test user2 letmein

The program failed when convert from user1 to user3.
./test user3 letmein
But it worked if to run "sleep" in execvp as the code I commented on line 30.

Cloud anyone help to check this problem?
Thanks.


test.c
---------------------------------------------------------------------------------------
#include <stdio.h>
#include <unistd.h>
#include <windows.h>
#include <sys/cygwin.h>
#include <pwd.h>
#include <errno.h>

int main(int argc, char *argv[]){
	struct passwd *user_pwd_entry = getpwnam (argv[1]);
	char *cleartext_password = argv[2];
	
	printf("%s--%s--\n",argv[1],argv[2]);
	HANDLE token;
	/* Try to get the access token from Windows. */
	token = cygwin_logon_user(user_pwd_entry, cleartext_password);
	if (token == INVALID_HANDLE_VALUE) {
		printf("cygwin logon failed.\n");
		exit(1);
	}
	int res=0;
	/* Inform Cygwin about the new impersonation token. */
	cygwin_set_impersonation_token(token);
	printf("uid:%ld---gid:%ld\n", user_pwd_entry->pw_uid, user_pwd_entry->pw_gid);
		
	res = setuid(user_pwd_entry->pw_uid);
	if(res<0){
		printf("setuid failed of %d\n",EPERM);
	}
	printf("startup!\n");
//	char* comm[]={"sleep","30",NULL};
	char* comm[]={"notepad",NULL};
	res = execvp(comm[0],comm);
	printf("execvp end.");
	if(res !=0){
		perror("execvp error:");
	}
	return 0;
}
-----------------------------------------------------------------------------------------------------------------------

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list