This is the mail archive of the
mailing list for the Cygwin project.
Help with sgid into the Administrators group (or alternatives?)
- From: Sam Habiel <sam dot habiel at gmail dot com>
- To: cygwin at cygwin dot com
- Date: Wed, 6 Jun 2018 09:20:49 -0400
- Subject: Help with sgid into the Administrators group (or alternatives?)
I am continuing to port GT.M to Cygwin
The database has a suid program that is marked u+s (root suid) on the
file permissions so that it can run as root whenever invoked. One of
the first things it does is cd to another directory that is owned by
root and is not accessible by anybody else.
Cygwin doesn't have the concept of root; so I am trying to implement
this by sgid into the Adminstrators group (544) from a limited user
account (i.e., set-up that way on Windows). The executable, instead of
being suid root, is sgid Adminstrators. The sgid C call apparently
succeeds when I run it from gdb, but the C chdir instruction fails.
I read https://cygwin.com/cygwin-ug-net/ntsec.html; but haven't done
anything it says. After all, the sgid call apparently succeeded.
My question is: am I on the right path; or is Windows and Cygwin being
reasonable in denying my request to chdir when the user is not a
member of the Administrators group, in spite of the executable being
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple