Security patches

Corinna Vinschen
Wed May 8 04:15:00 GMT 2002

On Tue, May 07, 2002 at 10:30:50PM -0400, Pierre A. Humblet wrote:
> At 09:54 AM 4/12/2002 +0200, Corinna Vinschen wrote:
> >I hope you don't mind that I'm asking you to send the patch again
> >to cygwin-patches, relative to the current CVS. 
> Here is the second installment. The only substantial change is that
> in __sec_user() sid1 is not obtained from cygheap->user.sid ()
> but from a new function getting the sid of the process token user.
> That is because we want the "old" sid, but cygheap->user.sid can
> already be the "new" sid.
> Instead of having this new function it would be more elegant to
> keep this important sid as a NO_COPY variable (initialized in
>, or perhaps in cygheap. It's largely a matter of taste.

We should get that SID easily:

  cygsid sid;
  sid.getfrompw (getpwuid (cygheap->user.orig_uid));


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                      
Red Hat, Inc.

More information about the Cygwin-patches mailing list