Corinna or Pierre please comment? [jason@tishler.net: Re: setuid() problem when disconnected from PDC under 1.3.12-2]
Jason Tishler
jason@tishler.net
Mon Jul 15 05:51:00 GMT 2002
Corinna,
On Mon, Jul 15, 2002 at 11:07:33AM +0200, Corinna Vinschen wrote:
> So, basically the current implementation is more correct than the old
> implementation. I don't see how to make it better.
But, the current implementation causes sshd and cron to fail for domain
users when their server is disconnected from its PDC. IMO, this is not
good.
> [snip]
>
> We *could* change it this way to succeed more often:
>
> GetPDC();
> if (has_pdc)
> {
> get_domain_groups_of_account();
> get_local_groups_of_account();
> if (!has_primary_group)
> get_primary_group_of_account();
> }
> if (!has_primary_group)
> get_primary_group_from_etc_passwd();
> get_supplementary_groups_from_etc_group();
>
>
> That could leave you with a somewhat restricted token, though.
I haven't fully evaluated the above ramifications, but IMO, some
relaxation of the current implementation is needed.
What do others think?
Thanks,
Jason
More information about the Cygwin-developers
mailing list