This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
security.cc: bug report, question and suggestion
- From: "Pierre A. Humblet" <Pierre dot Humblet at ieee dot org>
- To: cygwin at cygwin dot com
- Date: Sat, 29 Dec 2001 15:23:01 -0500
- Subject: security.cc: bug report, question and suggestion
Bug in security.cc:
The intent of open_local_policy() is to return an INVALID
handle if the call to LsaOpenPolicy() fails. Unfortunately
the failed call changes the value of lsa. The fix is obvious.
Breakpoint 3, open_local_policy () at /src/winsup/cygwin/security.cc:183
184 LSA_HANDLE lsa = INVALID_HANDLE_VALUE;
(gdb) s
186 NTSTATUS ret = LsaOpenPolicy(NULL, &oa, POLICY_ALL_ACCESS, &lsa);
(gdb) p lsa
$19 = 0xffffffff
(gdb) n
187 if (ret != STATUS_SUCCESS)
(gdb) p ret
$20 = -1073741790
(gdb) p lsa
$21 = 0x0
Question:
is the Policy Object only accessible by administrators
or is there some ACL that can be set? I was unable
to find info on the Microsoft site.
Suggestion
In cygrunsrv.README, could you add that the user specified
with -u must have the "Logon as a service" privilege?
Thanks
Pierre
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/