Windows 2003

Pierre A. Humblet Pierre.Humblet@ieee.org
Thu Jul 10 19:57:00 GMT 2003



Corinna Vinschen wrote:
> 
> On Thu, Jul 10, 2003 at 03:07:04PM -0400, Pierre A. Humblet wrote:
> > I assume you have run your token printing routine on the thread token,
> > after the setuid (fishing expedition, just to see..)
> 
> Sure.

I meant printing the token after the setuid.
That would require writing a special program (instead of using sshd)
and running it from the shell of the privileged user.

Something like

main()
{
   ret = setuid(some_uid);
   if  (ret) { .. }
   
   ret = OpenThreadToken(....   , & handle);

   your_print_routine(handle);

   ret = execve("/bin/id", argv, environ);

   if (ret) {   } 
}



More information about the Cygwin-developers mailing list