NFS server (final?)
Robb, Sam
sam.robb@timesys.com
Thu Feb 13 14:08:00 GMT 2003
> Only if you changed the uid of the Administrator account to 0 by hand.
I have *not* done anything on my system to add a root user or any user
with uid 0; and yet, seteuid(0) apparently succeeds.
> If you actually switch the user context, the application must not rely
> on having uid 0 == root or having uid 0 at all.
What's the recommended way of dealing with this? The code in the server
does something along the lines of:
seteuid(ROOT_UID)
setegid(gid)
setgroups(len, gids)
seteuid(uid)
(Error checking obviously ignored.) From what I can tell in the Cygwin
docs, the seteuid(ROOT_UID) call shouldn't be neccesary:
"Since Cygwin release 1.3.3, applications having the Create a process
level token user right can switch user context without giving a
password by just calling the usual setuid, seteuid, setgid and
setegid functions. This is typically only given to the SYSTEM user."
So, is the answer to remove the seteuid(ROOT_UID) call, and document
the requirement that the server be run under an account with the "Create
a process level token" right?
-Samrobb
More information about the Cygwin-apps
mailing list