This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: sending email from Cygwin


At 10:14 AM 7/15/2004 +1000, luke.kendall@cisra.canon.com.au wrote:
>On 14 Jul, Pierre A. Humblet wrote:

(That message was rejected by the list spam filter,
 I hope this one will make it through)

>>  >     exim -oi luke < /tmp/sample 
>>  >  
>>  > I got this error: 
>>  >  
>>  > set{u,g}id failed: 22 
>>  > 2004-07-14 10:48:44 unable to set gid=544 or uid=18 (euid=11021):
privilege not needed 
>>  >  
>>  > (Which I assume means the opposite: that some privilege *is* needed.) 
>>   
>>  The first error message above is from Cygwin specific startup code that 
>>  tries to deal with the fact that there is no suid in Windows.  
>>  It's the first such error report.  
>>  What versions of Windows, Cygwin and exim are you using? 
>>  Did you give yourself unusual privileges? 
>>   
>>  Could you send the outputs of  "exim -c" and "id"? 

<snip>

>$ id
>uid=11021(luke) gid=10513(Domain Users) groups=12919(adaytum),10513(Domain
Users),13876(MS_VisualStudio),15155(RitaTS),13761(ZoneAlarm)
>$ exim -c
>CYGWIN = " nobinmode". Root / mapped to C:\cygwin.
>set{u,g}id failed: 22
>Starting uid 11021, gid 10513, ntsec 1, privileged 1.
>root_uid 11021, exim_uid 18, exim_gid 544.
>setgid 10513 10513 0 pid: 3124
>setuid 11021 11021 0 pid: 3124
>setgid 10513 10513 0 pid: 3124
>setuid 11021 11021 0 pid: 3124
>setgid 544 10513 -1 pid: 3124
>2004-07-15 10:02:26 unable to set gid=544 or uid=18 (euid=11021):
privilege not needed
>
>Should I attach a full cygcheck?  I'm running Windows XP Professional,
>sp1, on a laptop; the cygwin version was initially installed several
>years ago, and I update regularly - last time a few weeks ago.

Thanks for the feedback.

The problem is that the exim startup code thinks that you are a privileged
user (see "privileged 1" above). It does that by checking that you have the
"Create Token" privilege (you have not answered my question about having
given yourself unusual privileges). 
However you are not in the admins group (544), so you can't setuid after
all.

If you don't have that privilege, there is a bug somewhere. That will require
more testing.
If you have it, I would recommend that you remove it. It opens vulnerabilities
for no good reason, AFAIK.
If there is no bug, I will modify exim to take care of your peculiar
environment.
That will be with the next official release.
 
>$ uname -a
>CYGWIN_NT-5.1 DOYLE 1.5.10(0.116/4/2) 2004-05-25 22:07 i686 unknown
unknown Cygwin
>

Pierre

P.S.: On normal Unix systems exim is a suid program starting as root.
When it's not necessary to be root, it setuid to a non privileged account.
That explains the "privilege not needed" comment in the error message. 
That call fails in your case because you are not privileged enough :(

 


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]