From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path:
Received: (qmail 11780 invoked by alias); 24 Jun 2005 15:03:45 -0000
Mailing-List: contact cygwin-talk-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Subscribe:
List-Post:
List-Help: ,
Sender: cygwin-talk-owner@cygwin.com
Reply-To: The Cygwin-Talk Malingering List
Received: (qmail 11747 invoked by uid 22791); 24 Jun 2005 15:03:42 -0000
Received: from host217-40-213-68.in-addr.btopenworld.com (HELO SERRANO.CAM.ARTIMI.COM) (217.40.213.68)
    by sourceware.org (qpsmtpd/0.30-dev) with ESMTP; Fri, 24 Jun 2005 15:03:42 +0000
Received: from mace ([192.168.1.25]) by SERRANO.CAM.ARTIMI.COM with Microsoft SMTPSVC(6.0.3790.211);
    Fri, 24 Jun 2005 16:03:39 +0100
From: "Dave Korn"
To: "'FREEDOM IS SLAVERY IGNORANCE IS STRENGTH DOS IS UNIX'"
Subject: RE: [spam] Re: Windows rights
Date: Fri, 24 Jun 2005 15:04:00 -0000
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
In-Reply-To: <20050623175338.GX2814@calimero.vinschen.de>
Message-ID:
X-SW-Source: 2005-q2/txt/msg00486.txt.bz2

----Original Message----
>From: Corinna Vinschen
>Sent: 23 June 2005 18:54

[Bock-bock-b'gaaaaaaawwwk!]

> And what exactly is the difference between an account root and the user
> with uid 0? That's an artificial distinction which doesn't make sense,
> especially since the primary group has no strong meaning in Windows.
>
> So what does LocalSystem represent *exactly* in your opinion? Is it a
> specific access token?
>
> Sounds like TITTTL to me...

LocalSystem is an account. An account is an object in the AD. There is an access token associated with that account. An access token is a container in the LSA. Within that container there are two SIDs. A SID is another kind of object. When you pass the correct login details to the LSA, that correspond to those recorded in the account object, it creates the access token container and places two SID objects in it. One of those SID objects is SYSTEM.

So LocalSystem is an AD record that contains the details of which SIDs should be placed in the access token, and SYSTEM is one of those SIDs. LocalSystem and SYSTEM are objects of different classes that exist within different kinds of containers in different subsystems of the OS, and to say that "LocalSystem is the same thing as SYSTEM" is as incorrect as saying that "LocalSystem is the same thing as Administrators", which I hope is at least more obviously incorrect....

    cheers,
      DaveK
--
Can't think of a witty .sigline today....