This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Patch]: well_known_sids

From: "Pierre A. Humblet" <pierre at phumblet dot no-ip dot org>
To: cygwin-patches at cygwin dot com
Date: Wed, 04 Feb 2004 22:17:19 -0500
Subject: [Patch]: well_known_sids

When cygwin starts a process, it sets its security to allow
access by the Administrators. However this is not necessarily the
case when Windows starts a cygwin process. This results in various
anomalies, e.g. an admin user cannot signal/kill the top Cygwin process
started by a non-privileged user with fast user switching.
Similarly administrators may not have access to some file mappings.

Fixing that would be very easy if the well_known_sids were available
early at startup time. However they are recomputed late in the startup
sequence on exec, and copied from the parent in case of fork.

This patch simply stores the well_known_sids as NO_COPY variables,
eliminating all run time overhead and making them available during
the init sequence. That will be used in a subsequent patch.

Pierre

2004-02-04  Pierre Humblet <pierre.humblet@ieee.org>

	* security.h (SID): New macro.
	(well_known_*_sid): Change type to cygpsid.
	(cygsid::init): Delete declaration.
	* sec_helper.cc (well_known_*_sid): Define as cygpsid and initialize.
	(cygsid::init): Delete.
	* dcrt0.cc (dll_crt0_0): Do not call cygsid::init.
	* security.cc (get_user_local_groups): Change the second argument type to
cygpsid.

Attachment: sid.diff
Description: Text document

Follow-Ups:
- Re: [Patch]: well_known_sids
  - From: Corinna Vinschen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]