From: "Pierre A. Humblet"
To: Corinna Vinschen
Date: Fri, 22 Feb 2002 20:41:00 -0000
Subject: Re: More security issues

Hi Corinna

At 10:13 AM 2/14/2002 +0100, you wrote:
>The sec_user() call in CreateProcess()
>was never intended to set the default DACL (I didn't even know
>that something like that exists when I added that) but to set the
>permissions to access the process.

Yes, and in the case of DuplicateTokenEx(), the permissions of the
new primary token. However the sd's of a new process TOKEN and of a
new impersonation token are always initialized from the default in
the (parent) process token.

I think I now understand what's going on.
The confusion between the impersonated sid and the original sid that
we have observed in LookupAccountSid() is also present in the token sd,
but things work out all right, for some reason.
I will send you some patches shortly.

>When I implemented this, the fork/exec implementation was pretty
>different from today. As far as I remember, the code which copied
>data from one process to the other needed access under the 2nd SID.
>This could qualify for some code which could be pretty useless
>today. E.g. your observation that RevertToSelf() could be dropped,
>probably.

I am still looking at that. On 2001-10-31 you added RevertToSelf()
in dtable.cc (dtable::vfork_child_dup). Do you remember why?

Pierre