This is the mail archive of the cygwin-apps mailing list for the Cygwin project.



Re: uw-imap-imapd: suggestions for cyg_server issue


Hi,

On 12/02/2010 1:29 AM, Pierre A. Humblet wrote:
> At 06:11 PM 2/11/2010, Shaddy Baddah wrote:
<snip>

> > The problem with this patch is, for consistency, I would have had to do the same for checkpw() in imap-2007/src/osdep/unix/ckp_cyg.c, which also assumes SYSTEM RID. This had two problems, a) increased complexity, b) my method to eliminate cyg_server is to eliminate Administrators. Firstly, I wouldn't be able to check for this using pure POSIX, as I don't get the luxury of getgroups() until after the user is logged in. Secondly, many users are in the Administrators group. It would not do to eliminate them from logging in. I would need some other heuristic to detect the cyg_server user (if I want to avoid a known names list, like csih helper).
> >
> > Thanks,
> > Shaddy
> >
> > PS: Respectfully, you may want to do
> > http://cygwin.com/acronyms/#PCYMTNQREAIYR to avoid the below
> > situation. Thanks in advance.
>
> Sorry for not removing your e-mail address, I try not to forget.

No worries. It's ok.


> I don't know imap nor the consequences of "performing the emulation"
> when it's not required,
> just avoiding using a fixed 544.
>
> A stronger test would be to get the privileges, but I don't know how to
> do that with Posix.
> Perhaps we could add a cygwin_internal() call to detect that, if it's
> really necessary.

I think I should correct my stance here. Using the word pure, as in pure POSIX, is too strong. What I meant mostly is that I wanted to keep in with the POSIXness of the rest of uw-imapd, as well as the Cygwin integration. I guess mostly in case the Cygwin maintainer wants to send the patch upstream. (I was also a little scared of upstream, the mailing list looks like a tougher audience than that sometimes perceived of the cygwin ml).

Calling Cygwin specific API is a reasonable plan B (eg. calling
cygwin_set_impersonation_token() is absolutely necessary for
seteuid(), and I'd never suggest it shouldn't be there because it is
not POSIX). Calling w32api directly, a) is a little out of my depth b)
would seem to be diverting from the original implementation of the
cygwin integration.

> A Posix but somewhat cumbersome test would be to seteuid to any other
> existing uid (e.g. system).
> If it succeeds, it's privileged and you can setuid back to what you
> started from.
> Just brainstorming....

I like this idea. It did cross my mind that the real way to know if you were SYSTEM-like was if you could seteuid().

The main thing here is, I'm not the uw-imap maintainer for Cygwin
(uw-imap-2007.README lists this as Dr. Volker Zell), so I think it
most helpful to provide a simple patch that at the very least draws
attention to why it is needed in the first place.

But I do appreciate the suggestions. If Dr. Volker Zell would prefer I
provide something a little more robust seeing I'm all set up for
patches, I of course would be willing to give it a try.

Best regards,
Shaddy

