This is the mail archive of the cygwin-cvs@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[newlib-cygwin] Handle WinFSP nobody account


https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=1a988fc6baa00ea157c743fc87a8c9b08ea79a46

commit 1a988fc6baa00ea157c743fc87a8c9b08ea79a46
Author: Corinna Vinschen <corinna@vinschen.de>
Date:   Wed Jun 29 17:12:38 2016 +0200

    Handle WinFSP nobody account
    
    Per discussion started at
    https://cygwin.com/ml/cygwin/2016-06/msg00347.html
    
    S-1-0-65534 == uid/gid 65534 == nodomain+nobody
    
    Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

Diff:
---
 winsup/cygwin/uinfo.cc | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
index 247131d..bc2a2d8 100644
--- a/winsup/cygwin/uinfo.cc
+++ b/winsup/cygwin/uinfo.cc
@@ -1894,6 +1894,14 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
 	}
       if (!ret)
 	{
+	  if (!strcmp (arg.name, "nodomain+nobody"))
+	    {
+	      /* Special case "nobody" for reproducible construction of a
+		 nobody SID for WinFsp and similar services.  We use the
+		 value 65534 which is -2 with 16 bit uid/gids. */
+	      csid.create (0, 1, 0xfffe);
+	      break;
+	    }
 	  debug_printf ("LookupAccountNameW (%W), %E", name);
 	  return NULL;
 	}
@@ -2004,6 +2012,15 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
 	  sid = logon_sid;
 	  break;
 	}
+      else if (arg.id == 0xfffe)
+	{
+	  /* Special case "nobody" for reproducible construction of a
+	     nobody SID for WinFsp and similar services.  We use the
+	     value 65534 which is -2 with 16 bit uid/gids. */
+	  csid.create (0, 1, 0xfffe);
+	  sid = csid;
+	  break;
+	}
       else if (arg.id < 0x10000)
 	{
 	  /* Nothing. */
@@ -2428,6 +2445,17 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
 	  return NULL;
 	}
     } 
+  else if (sid_id_auth (sid) == 0 && sid_sub_auth (sid, 0) == 0xfffe)
+    {
+      /* Special case "nobody" for reproducible construction of a
+	 nobody SID for WinFsp and similar services.  We use the
+	 value 65534 which is -2 with 16 bit uid/gids. */
+      uid = gid = 0xfffe;
+      wcpcpy (dom, L"nodomain");
+      wcpcpy (name = namebuf, L"nobody");
+      fully_qualified_name = true;
+      acc_type = SidTypeUnknown;
+    }
   else if (sid_id_auth (sid) == 5 /* SECURITY_NT_AUTHORITY */
 	   && sid_sub_auth (sid, 0) == SECURITY_LOGON_IDS_RID)
     {


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]