This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.
At 10:04 PM 6/7/2003 +0200, Corinna Vinschen wrote:
>I just had a look into the current login.c implementation on NetBSD.
>It is using setuid/setgid. Actually it's using setusercontext(3)
>but with all options set which implies setuid/setgid. Yes, using
>only seteuid/setegid in login has to be considered an error which
>just didn't matter so far.

Corinna,

here is the patch.

It seems to work fine but it requires login.exe changes. It's
not just a question of security. ash does not setuid, while bash
setuid(getuid()), i.e. just the opposite of what we need.

While I was looking at the most recent login.c I saw that you have
added a seteuid (priv_uid). Ideally, shouldn't it still be effective
while calling dolastlog()? It's weird that the Berkeley code didn't do
that. There is also the issue raised by Takashi Yano on the list.

I have thrown in the little exceptions.cc quoting patch.

2003-06-09  Pierre Humblet  <pierre.humblet@ieee.org>

	* spawn.cc (spawn_guts): Call CreateProcess while impersonated,
	when the real {u,g}ids and the groups are original.
	Move RevertToSelf and ImpersonateLoggedOnUser to the main line.
	* uinfo.cc (uinfo_init): Reorganize. If CreateProcess was called
	while impersonated, preserve the uids and gids and call
	ImpersonateLoggedOnUser. Preserve the uids and gids on Win9X.
	* exceptions.cc (error_start_init): Quote the pgm in the command.

Attachment:
seteuid.diff
Description: Text document
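
The quoted point about login using only seteuid/setegid, and the remark about bash calling setuid(getuid()), can be traced in a small model of the POSIX real/effective/saved uid rules. This is an added example, not part of the original message or of the Cygwin sources; it assumes plain POSIX semantics (no capabilities, no Windows impersonation), and uid 1000 and all function names are constructed for illustration.

```c
#include <stdio.h>

/* Simplified POSIX credential model (assumption: no Linux capabilities,
   no Cygwin/Windows token handling). */
struct cred { int ruid, euid, suid; };

/* seteuid(): changes only the effective ID; an unprivileged caller may
   select its real or saved ID. Returns 0 on success, -1 for EPERM. */
static int model_seteuid(struct cred *c, int uid) {
    if (c->euid != 0 && uid != c->ruid && uid != c->suid) return -1;
    c->euid = uid;
    return 0;
}

/* setuid(): a privileged caller sets all three IDs (irreversible);
   an unprivileged caller can only move euid to its real or saved ID. */
static int model_setuid(struct cred *c, int uid) {
    if (c->euid == 0) { c->ruid = c->euid = c->suid = uid; return 0; }
    if (uid != c->ruid && uid != c->suid) return -1;
    c->euid = uid;
    return 0;
}

/* login starts as root and switches to the user with one of the calls. */
struct cred login_as(int user, int use_setuid) {
    struct cred c = {0, 0, 0};
    if (use_setuid) model_setuid(&c, user); else model_seteuid(&c, user);
    return c;
}

/* 1 if the process could restore euid 0 afterwards, else 0. */
int can_regain_root(struct cred c) { return model_seteuid(&c, 0) == 0; }

/* Effective uid after a shell start-up that runs setuid(getuid()). */
int euid_after_shell_setuid_getuid(struct cred c) {
    model_setuid(&c, c.ruid);
    return c.euid;
}

int main(void) {
    const int user = 1000; /* constructed sample uid */
    for (int use_setuid = 0; use_setuid <= 1; use_setuid++) {
        struct cred c = login_as(user, use_setuid);
        printf("%s: ruid=%d euid=%d suid=%d regain_root=%d euid_after_shell=%d\n",
               use_setuid ? "setuid " : "seteuid", c.ruid, c.euid, c.suid,
               can_regain_root(c), euid_after_shell_setuid_getuid(c));
    }
    return 0;
}
```

In the seteuid-only case the real and saved IDs stay 0, so the model shows both that root can be restored and that a shell running setuid(getuid()) ends up with effective uid 0.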