Security patches

Corinna Vinschen cygwin-patches@cygwin.com
Wed May 8 04:15:00 GMT 2002


On Tue, May 07, 2002 at 10:30:50PM -0400, Pierre A. Humblet wrote:
> At 09:54 AM 4/12/2002 +0200, Corinna Vinschen wrote:
> >I hope you don't mind that I'm asking you to send the patch again
> >to cygwin-patches, relative to the current CVS. 
> 
> Here is the second installment. The only substantial change is that
> in __sec_user() sid1 is not obtained from cygheap->user.sid ()
> but from a new function getting the sid of the process token user.
> That is because we want the "old" sid, but cygheap->user.sid can
> already be the "new" sid.
> Instead of having this new function it would be more elegant to
> keep this important sid as a NO_COPY variable (initialized in
> dcrt0.cc), or perhaps in cygheap. It's largely a matter of taste.

We should get that SID easily:

  cygsid sid;
  sid.getfrompw (getpwuid (cygheap->user.orig_uid));

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.



More information about the Cygwin-patches mailing list