This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Regression: errno returned by seteuid and companions incorrect

From: Houder <houder at xs4all dot nl>
To: cygwin at cygwin dot com
Date: Tue, 26 Mar 2019 10:55:38 +0100
Subject: Regression: errno returned by seteuid and companions incorrect

Corinna,

As result of the removal of create_token() (sec_auth.cc) in the callflow

of seteuid32(), something like:

@@ cat seteuid.c
int
main()
{
    errno = 0;
    if (seteuid( (uid_t)1004) != 0) { // 1004 = uid of different user

printf("seteuid: errno = %d, errstr = %s\n", errno,strerror(errno) );

    } else printf("1004, OK\n");
}

returns an INCORRECT errno(http://man7.org/linux/man-pages/man2/seteuid.2.html)


64-@@ ./seteuid
seteuid: errno = 13, errstr = Permission denied ... huh? WRONG!

On Linux this simple "Simple Test Case" will result in:

@@ seteuid: errno = 1, errstr = Operation not permitted

-----
Before the introduction of "Service for User Logon" (s4u), calling
seteuid (or companions) would eventually result in

 - calling create_token, which in turn would call
 - NtCreateToken

If NtCreateToken() failed, it returned the following status:

 - STATUS_PRIVILEGE_NOT_HELD ((NTSTATUS)0xC0000061), which would
   map to:
 - ERROR_PRIVILEGE_NOT_HELD __MSABI_LONG(1314), which in turn would
   map to:
 - errno = EPERM (1, i.c. "Operation not permitted")

See errmap[],
  geterrno_from_nt_status() and
  geterrno_from_win_error() in winsup/cygwin/errno.cc

-----
Om my system I have fixed this regression as follows:

64-@@ uname -a
CYGWIN_NT-6.1 Seven 3.0.4(0.338/5/3) 2019-03-26 08:25 x86_64 Cygwin

I applied the following hack to winsup/cygwin/sec_auth.cc:

1496 HANDLE

1497 s4uauth (bool logon, PCWSTR domain, PCWSTR user, NTSTATUS&ret_status)

1498 {
...
1525   if (logon) // true in the call flow from seteuid32()
1526     {
1527       /* Register as logon process. */
1528       debug_printf ("Impersonation requested");
1529       RtlInitAnsiString (&name, "Cygwin");

1530 status = LsaRegisterLogonProcess (&name, &lsa_hdl,&sec_mode);

1531     }
1532   else
1533     {
1534       /* Connect untrusted to just create a identification token */
1535       debug_printf ("Identification requested");
1536       status = LsaConnectUntrusted (&lsa_hdl);
1537     }
1538   if (status != STATUS_SUCCESS)
1539     {
1540       debug_printf ("%s: %y", logon ? "LsaRegisterLogonProcess"

1541 : "LsaConnectUntrusted",status);

// Henri: HACK!

// LsaRegisterLogonProcess returnsSTATUS_PORT_CONNECTION_REFUSEDif (status == STATUS_PORT_CONNECTION_REFUSED) //((NTSTATUS)0xC0000041)// => EACCES... WRONG!

             {
               // status that was previously returned by NtCreateToken

status = STATUS_PRIVILEGE_NOT_HELD; //((NTSTATUS)0xC0000061) => EPERM

// STATUS_PRIVILEGE_NOT_HELD maps to ERROR_PRIVILEGE_NOT_HELD(1314),

           // which in turn maps to EPERM (1)
// Henri
1542       __seterrno_from_nt_status (status);
1543       goto out;
1544     }

Henri

Attached: errmapping-sorted.txt

Attachment: errmapping-sorted.txt
Description: Text document

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Follow-Ups:
- Re: Regression: errno returned by seteuid and companions incorrect
  - From: Corinna Vinschen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]