This is the mail archive of the cygwin mailing list for the Cygwin project.



Re: suid bit on executables?


On Tue, 23 Mar 2004, Richard Troy wrote:

> On Tue, 23 Mar 2004, Igor Pechtchanski wrote:
>
> > FYI, Cygwin implements /dev/conin and /dev/conout, so, perhaps, the
> > approach suggested in <http://cygwin.com/ml/cygwin/2004-03/msg00259.html>
> > would be helpful (or something along those lines).
>
> Thanks, Igor, I'll look into that in a minute...
>
> > OTOH, once cygserver is in place, we'll have a working "su" (which is
> > exactly what you want, right?).
> >       Igor
>
> No, what I need is _very_ different. The requirement is for a program that
> runs as a different user without that user having any special privileges
> themselves and without the ability to log in, or run other programs as
> that other user. On Unix (and Unix clones), there's a concept of the "suid
> bit" which is set in the file system and associated with executable
> programs (and on many implementations, executable shell scripts too). When
> any user, including root, executes a program with the suid bit set, the
> program runs just like any other program except that it runs in the user
> context of the file's owner, NOT as the user who called the program. In
> contrast, su requires that the caller have the password of the account in
> question...
>
> That said, a "working su" program _should_ be able to be used as the
> foundation of an implementation of an exec call where the suid bit is set.
> Corinna hinted that W2003 makes things harder and I haven't any idea why,
> but it figures that Windows would try very hard to ensure that nothing
> else is compatible with Windows. -frown-
>
> Regards,
> Richard

Richard,

The functionality of "su" and the "suid bit" is the same.  Aside from
privilege checking, both require the ability to have any user set its
effective user id to that of another user.  This is currently not possible
in Windows without opening a whole set of security holes.  By default, the
only account able to switch user contexts is SYSTEM.  Reading
<http://cygwin.com/cygwin-ug-net/ntsec.html> should provide some insights.
Win2003 makes it harder because the appropriate privileges aren't assigned
to SYSTEM by default, as they were in the previous versions of Windows.
HTH,
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster."  -- Patrick Naughton
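As an added illustration of the distinction drawn in this thread (not code from the list or from Cygwin itself), the program below shows what the "suid bit" means at the API level: the real uid stays the caller's, the effective uid is the file owner's, and a well-written set-uid program drops back to the caller's identity as early as it can. It assumes a POSIX system with working seteuid (Linux, BSD, or Cygwin with ntsec); the struct and function names are the example's own.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

/* The two identities a process carries: who started it (real) and whose
   permissions the kernel applies (effective).  For a set-uid executable
   these differ, which is exactly the behaviour described in the thread. */
struct ids { uid_t real; uid_t effective; };

struct ids current_ids(void) {
    struct ids r = { getuid(), geteuid() };
    return r;
}

/* Non-zero when the effective uid differs from the caller's real uid,
   i.e. the binary was launched through the set-uid bit (or an
   equivalent mechanism such as a set-uid wrapper). */
int running_setuid(void) {
    return getuid() != geteuid();
}

/* Give up the owner's identity (effective uid := real uid), confirm the
   switch took effect, then re-acquire it through the saved set-uid.
   Set-uid programs should keep the privileged window this small.
   Returns 0 on success, a negative code naming the failing step. */
int drop_then_restore(void) {
    uid_t owner  = geteuid();
    uid_t caller = getuid();
    if (seteuid(caller) != 0) return -1;   /* switching to the real uid is always allowed */
    if (geteuid() != caller) return -2;    /* verify, never assume, the drop worked */
    if (seteuid(owner) != 0)  return -3;   /* saved set-uid lets us come back */
    return 0;
}

int main(void) {
    struct ids id = current_ids();
    printf("real uid %u, effective uid %u, set-uid=%d\n",
           (unsigned)id.real, (unsigned)id.effective, running_setuid());
    printf("drop/restore: %d\n", drop_then_restore());
    return 0;
}
```

Install it with `chown <owner>` and `chmod u+s` to see the two uids diverge; run as-is they are equal, which is the "ordinary program" case.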

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

