exec after seteuid

Pierre A. Humblet Pierre.Humblet@ieee.org
Mon Jun 9 17:13:00 GMT 2003


Corinna Vinschen wrote:
> 
> On Mon, Jun 09, 2003 at 12:43:13PM -0400, Pierre A. Humblet wrote:
> > Corinna Vinschen wrote:
> > > it changes the impersonated access token if priv_gid is in the group
> > > list of the new user's token.
> >
> > Nope. The token is only changed by set(e)uid(), never by set(e)gid().
> > Set(e)gid only changes the default group in the token, not the token
> > itself (that's your design, or perhaps even older, and it's just fine).
> 
> There's SetTokenInformation(TokenPrimaryGroup) called in setegid32.

Yes, but it's a misleading name. It only affects the (default) group of
files created by Windows programs launched by Cygwin.
Also, starting with Win2000, such a call will fail in the case when the
group given as argument is not in the token groups.

> > But the intermediate switch back to 18 will then create a new token and
> > discard the token given by cygwin_set_impersonation_token.
> 
> Why should it?  If the group hasn't changed before, the seteuid(priv_uid)
> reverts to the original uid/gid combination.  That's exactly the case
> which should result in calling RevertToSelf() and nothing else.

Right, but if the gid hasn't changed before, the initial setuid(user) may
have created a new token (and discarded the token we want to use :( ).
See previous mail. Otherwise you end up running with a gid that's not in
your token groups. That can lead to all kinds of trouble.

Pierre


