[Patch] Allow to disable root privileges with CYGWIN=noroot
Sun Aug 30 19:38:00 GMT 2009
Corinna Vinschen wrote:
> If you plan to run a Cygwin application with restricted rights from your
> administrative account, the IMHO right way would be to start the Cygwin
> application through another application which creates a *really*
> restricted user token using the Win32 function CreateRestrictedToken and
> then call cygwin_set_impersonation_token/execv to start the restricted
> process. A Cygwin tool which accomplishes that would be much more
> useful and much more generic than this patch, IMHO.
I agree, let's forget the patch.
But I'm not sure how cygwin_set_impersonation_token() could be of any
help here. This function sets user.external_token which is only used in
seteuid32(). Setuid/seteuid() cannot be used because the restricted
token is not related to another user id.
A quick test with native calls works for me:
    HANDLE t, rt;
    OpenProcessToken (GetCurrentProcess (), TOKEN_ALL_ACCESS, &t);
    CreateRestrictedToken (t, DISABLE_MAX_PRIVILEGE, 0, ..., 0, &rt);
    CreateProcessAsUser (rt, 0, "c:/cygwin/bin/mintty...", ...);
BTW: CreateRestrictedToken is apparently missing in
/usr/include/w32api/*.h, but it is present in libadvapi32.a.