exec after seteuid

Corinna Vinschen cygwin-patches@cygwin.com
Mon Jun 9 16:24:00 GMT 2003

On Mon, Jun 09, 2003 at 11:14:56AM -0400, Pierre A. Humblet wrote:
> The right way is to save the system gid (as you save the system uid), and then
> 1) setegid(user_gid), seteuid(user_gid).
> Do the chdir
> Later to do the utmp piece, 
> 2) setegid(saved_gid), setegid(saved_uid)   (this goes back to the process token)
> Finally,
> 3) setgid(user_gid), setuid(user_uid).

It doesn't work that way.  When calling


it changes the impersonated access token if priv_gid is in the group
list of the new users token.  That way, the final setuid again creates
a new passwordless token.

But keeping the gid completely untouched should work.  Changing the euid
to the new user uses the token given by cygwin_set_impersonation_token.
Switching back to priv_uid again left the gid untouched so it just
reverts to self.

> Any initgroups() should/could go between 2 and 3.

initgroups() is totally useless in login() since its whole purpose is
to use a token created by the system.  initgroups will have no effect
on that token.


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.
