Windows 2003

Igor Pechtchanski pechtcha@cs.nyu.edu
Fri Jul 11 12:44:00 GMT 2003


On Fri, 11 Jul 2003, Corinna Vinschen wrote:

> On Thu, Jul 10, 2003 at 05:05:55PM -0400, Pierre A. Humblet wrote:
> > I just reread the CreateProcessAsUser page. We do a RevertToSelf, so
> > we access the executable image in the security context of the caller.
> > Accessing C:\cygwin\bin\bash.exe isn't the issue, the error message
> > must be about some other path...
>
> I've just got it working with a non-SYSTEM user under which sshd is
> running.  The problem was a still missing user privilege.  The user
> starting sshd as service needs not only the "Create a token object"
> but also the "Replace a process level token" privilege, otherwise
> the CreateProcessAsUser fails.  After finding it it suddenly is clear
> why it didn't work.
>
> Corinna

I guess it pays to read your own documentation:
<http://cygwin.com/cygwin-ug-net/ntsec.html#NTSEC-SETUID>... ;-)

Should the above be updated with new privileges for Win2003, BTW?
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster."  -- Patrick Naughton



More information about the Cygwin-developers mailing list