This is the mail archive of the
cygwin-developers@sources.redhat.com
mailing list for the Cygwin project.
Re: seteuid ?
- To: cygdev <cygwin-developers at sources dot redhat dot com>
- Subject: Re: seteuid ?
- From: Corinna Vinschen <vinschen at cygnus dot com>
- Date: Mon, 02 Oct 2000 14:15:30 +0200
- References: <20001002113423.17709.qmail@web113.yahoomail.com>
- Reply-To: cygdev <cygwin-developers at sources dot redhat dot com>
Earnie Boyd wrote:
> I need to
> be able to su root in order to have some daemon programs I'm trying to port
> think that I'm UID=0.
>
> Now, I could modify the daemon but IMO I shouldn't have to. So, what in your
> opinion is the best way to implement this scenario in Cygwin? I understand
> that the ability to maintain the current function is probably wanted so
> something like ntsec=workstation is going to be necessary.
My opinion is in fact that you should modify the daemon. I did that
for OpenSSH, too. Porting to NT has the unfortunate effect that you
have to drop the special meaning of UID 0. You have three choices,
AFAICS:
- Worst: Drop all tests for UID. It's currently implemented that way in
OpenSSH as well.
- Medium: Change to test for member of Administrators. You can get that
by calling NetUserGetInfo(NULL, username, 1, buf) and checking for
buf->usri1_priv == USER_PRIV_ADMIN. However, this check isn't valid
for LocalSystem which you would need to check explicitly.
- Best: Check explicitly for one or more user rights by calling
GetTokenInformation(..., TokenPrivileges, ...).
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@sources.redhat.com
Red Hat, Inc.
mailto:vinschen@cygnus.com