how to determine if a shell is running as Administrator?
Corinna Vinschen
corinna-cygwin@cygwin.com
Thu Feb 5 11:39:00 GMT 2015
On Feb 5 12:08, Achim Gratz wrote:
> Corinna Vinschen writes:
> >> 2. Parse the output of groups or id -G. I can't find any reliable way to do
> >> this. For example on my host, when I start a shell with "Run as administrator",
> >> the new group I get isn't 544 (Administrators). It's 114 (Local account and
> >> member of Administrators group). Is that at all portable or reliable?
> >
> > Huh? There is no such group in Windows. Where does it come from?
>
> Yes there is, at least on Windows 8.1N Core and Server 2012R2. In fact
> there are two new SID:
>
> 113 (Local account)
> 114 (Local account and member in Administrators group)
>
> http://blogs.technet.com/b/secguide/archive/2014/09/02/blocking-remote-use-of-local-accounts.aspx
> https://msdn.microsoft.com/en-us/library/cc980032.aspx
Thanks for the info. Now I remember that I saw them already at one
point, but I never had a deeper look what they actually are good for.
However, the user token of such a user still contains the Administrators
group (I just tested it) and thus the `id -G' test for 544 (or 0 with
the old "root" entry in /etc/group) is still valid.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20150205/8f6fc7c8/attachment.sig>
More information about the Cygwin
mailing list