This is the mail archive of the cygwin-patches mailing list for the Cygwin project.



Re: [Patch] Allow to disable root privileges with CYGWIN=noroot


Corinna Vinschen wrote:
I have a self-hacked version of such a tool which you can download
from here: http://cygwin.de/gettokinfo/

  `gettokinfo' prints everything except for the list of user rights.
  `gettokinfo foo' prints everything including the user rights.


Thanks. I added option -t to print the thread token, patch is attached.


Observation: When Cygwin spawns a process with CreateProcessAsUser(), the child process main thread has a token after startup.

$ ./gettokinfo -t
OpenThreadToken: 1008

$ ./cygdrop ./gettokinfo -t
Thread Token
Type: Impersonation
Impersonation Level: SecurityImpersonation
...

The problem is that some calls (from _cygtls?) to user.reimpersonate() appear between startup and uinfo_init(). uinfo_init() does not call RevertToSelf() after closing the inherited token.

Quick fix:

@@ -155,7 +161,7 @@ uinfo_init ()
   cygheap->user.curr_token_is_restricted = false;
   cygheap->user.setuid_to_restricted = false;
   cygheap->user.set_saved_sid ();      /* Update the original sid */
-  cygheap->user.reimpersonate ();
+  cygheap->user.deimpersonate ();
}
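Review bot: Replacing the final call with `cygheap->user.deimpersonate ();` looks too broad, because its two-space indent and the closing brace right after it suggest it is the last statement of uinfo_init () and runs on every path, not only the one that closes the inherited token. The rest of the function is outside the hunk, so this is inferred, but any path that keeps a valid impersonation token would now start without it. Consider calling `cygheap->user.deimpersonate ();` in the branch that closes the inherited token and keeping `cygheap->user.reimpersonate ();` as the final statement. A comment such as `/* Inherited token was closed; revert the main thread to the process token. */` would record why the revert is needed.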

Is the reimpersonate () call here a typo?

Christian

--- gettokinfo.cc.orig	2009-10-14 14:35:29.000000000 +0200
+++ gettokinfo.cc	2009-10-17 13:27:28.406250000 +0200
@@ -403,13 +403,40 @@
 int
 main (int argc, char **argv)
 {
-  HANDLE token;
+  bool p_flag = false, t_flag = false;
+
+  for (int ai = 1; ai < argc; ai++)
+    {
+      if (!strcmp (argv[ai], "-p"))
+	p_flag = true;
+      else if (!strcmp (argv[ai], "-t"))
+	t_flag = true;
+      else
+	{
+	  printf ("Usage: %s [-p] [-t]\n", argv[0]);
+	  return 1;
+	}
+    }
 
-  if (!OpenProcessToken (GetCurrentProcess (),
-                         MAXIMUM_ALLOWED, //TOKEN_QUERY|TOKEN_QUERY_SOURCE,
-                         &token))
-    return error ("OpenProcessToken");
-  print_token_info (token, argc > 1);
+  HANDLE token;
+  if (t_flag)
+    {
+      if (!OpenThreadToken (GetCurrentThread (),
+			    MAXIMUM_ALLOWED, //TOKEN_QUERY|TOKEN_QUERY_SOURCE,
+			    FALSE, // !OpenAsSelf ?
+			    &token))
+	return error ("OpenThreadToken");
+      printf ("Thread Token\n");
+    }
+  else
+    {
+      if (!OpenProcessToken (GetCurrentProcess (),
+			     MAXIMUM_ALLOWED, //TOKEN_QUERY|TOKEN_QUERY_SOURCE,
+			     &token))
+	return error ("OpenProcessToken");
+      printf ("Process Token\n");
+    }
+  print_token_info (token, p_flag);
   return 0;
 }
 
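Review bot: The `FALSE, // !OpenAsSelf ?` argument to OpenThreadToken leaves an open question in the code: with FALSE the access check runs against the calling thread's own impersonation context, so the open can fail for the very tokens -t is meant to inspect (for example an identification-level or restricted token). For a diagnostic tool, `TRUE, // OpenAsSelf: access check against the process token` is the more reliable choice. A thread that is not impersonating makes the call fail with 1008 (ERROR_NO_TOKEN, as in the "OpenThreadToken: 1008" output quoted in the mail), which reads like a tool failure; reporting that case as "no thread token" would make the result easier to interpret. The opened handle is also never passed to CloseHandle, which is harmless only because main returns immediately afterwards.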
