public inbox for cygwin@cygwin.com
* Re: Re: How to become root/root (0/0)
From: Henning @ 2019-05-09  9:01 UTC
  To: cygwin

This is in response to Erik Soderquist's response. I happened to
delete the mail, so the citations may not look proper. Sorry for
the inconvenience.

 > On Windows, UID 0 does not exist
yes, I am (and was) fully aware of that. But see below.

 > trying to force UID 0 I would expect to result in less than guest
 > privileges
obviously you are right. So I undid any changes concerning USER, UID
and HOME, deleted /etc/{passwd,group}, I restored the original
/etc/nsswitch.conf and removed relevant settings from shortcut
cmdlines.

Now I've got root/None xxxxxx/xxxxxx and everything seems to work
properly. Obviously you kicked me in the right direction. Thanks a lot
for your prompt response.

But, though not really a "but", I now have $HOME=/root. This is what
I want, but how come? AFAIR, in the beginning it was /home/root,
which I don't like. Maybe I forgot to revert something. And, according
to ntsec.html the desire to have a non-/home/$USER would make
me one of your corner cases.

 > did you configure and start the cygserver service?
No. And currently, with things working properly, I don't see a
reason to have one more service running.

And yes,
 > the use of /etc/passwd in Cygwin has been deprecated
but, according to ntsec.html
    "Read /etc/passwd and /etc/group files if they exist, just
     as in the olden days, mainly for backward compatibility."
and
    "If no entry is found, or no passwd or group file was present,
     Cygwin will ask the OS."

So, shouldn't the method proposed here
https://cygwin.com/ml/cygwin-apps/2003-11/msg00134.html ,
although from pre-nsswitch.conf times, still work?

I think I'll try again.

And the group "None". I found it mentioned in ntsec. Would it be
possible to create a group "root" in Windows which gives its
members the same power as the group Administrators? And why "None"
and not "Administrators"?

Again, thanks for your quick reaction.

Henning

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


* Re: How to become root/root (0/0)
From: Andrey Repin @ 2019-05-09 12:20 UTC
  To: Henning, cygwin

Greetings, Henning!

> And the group "None". I found it mentioned in ntsec. Would it be
> possible to create a group "root" in Windows which gives its
> members the same power as the group Administrators? And why "None"
> and not "Administrators"?

Administrators do not have all possible permissions inherently.
Again, there's simply no equivalent of "god user" from *NIX in Windows
permissions system.

P.S.
You could always reply to your own [initial] message to preserve threading.


-- 
With best regards,
Andrey Repin
Thursday, May 9, 2019 15:08:14

Sorry for my terrible english...



* Re: How to become root/root (0/0)
From: LRN @ 2019-05-09 12:31 UTC
  To: cygwin



On 09.05.2019 15:09, Andrey Repin wrote:
> Greetings, Henning!
> 
>> And the group "None". I found it mentioned in ntsec. Would it be
>> possible to create a group "root" in Windows which gives its
>> members the same power as the group Administrators? And why "None"
>> and not "Administrators"?
> 
> Administrators do not have all possible permissions inherently.
> Again, there's simply no equivalent of "god user" from *NIX in Windows
> permissions system.

IIRC, the SYSTEM user has the most permissions, but users are normally
forbidden from doing things as SYSTEM.



* Re: How to become root/root (0/0)
From: Andrey Repin @ 2019-05-09 12:50 UTC
  To: LRN, cygwin

Greetings, LRN!

>>> And the group "None". I found it mentioned in ntsec. Would it be
>>> possible to create a group "root" in Windows which gives its
>>> members the same power as the group Administrators? And why "None"
>>> and not "Administrators"?
>> 
>> Administrators do not have all possible permissions inherently.
>> Again, there's simply no equivalent of "god user" from *NIX in Windows
>> permissions system.

> IIRC, the SYSTEM user has the most permissions, but users are normally
> forbidden from doing things as SYSTEM.

Most, but not all, and you could set permissions in such a way that the "SYSTEM"
user won't be able to, e.g., remove a certain file.


-- 
With best regards,
Andrey Repin
Thursday, May 9, 2019 15:34:08

Sorry for my terrible english...



* Re: How to become root/root (0/0)
From: Bill Stewart @ 2019-05-09 14:45 UTC
  To: cygwin

On Thu, May 9, 2019 at 6:20 AM Andrey Repin wrote:

> Again, there's simply no equivalent of "god user" from *NIX in Windows
> permissions system.

That's not really correct. An account that is a member of the
Administrators local group (localized name can be different, SID is
S-1-5-32-544) is a root/superuser equivalent.

It is true that some objects have permissions that prevent Administrators
from accessing them, but any member of Administrators can take
ownership/change permissions/run as SYSTEM and access those objects.

Regards,

Bill
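
[Added example, not part of any poster's message.] A locale-independent way to see, from inside a Cygwin shell, which of the identities discussed in this thread the current process holds. It relies on Cygwin's fixed mapping of well-known SIDs to POSIX ids (S-1-5-18 to uid 18, S-1-5-32-544 to gid 544); the function name and the sample id lists are constructed for illustration.

```shell
#!/bin/sh
# Cygwin maps well-known Windows SIDs to fixed POSIX ids:
#   S-1-5-18     (SYSTEM)                  -> uid 18
#   S-1-5-32-544 (BUILTIN\Administrators)  -> gid 544
# Matching on these numbers avoids the localized group names.
SYSTEM_UID=18
ADMINS_GID=544

# classify_token UID "GID LIST"   (hypothetical helper name)
# Prints one of: system | admin | standard
classify_token() {
    uid=$1
    gids=$2
    if [ "$uid" -eq "$SYSTEM_UID" ]; then
        echo system
        return 0
    fi
    for g in $gids; do
        if [ "$g" -eq "$ADMINS_GID" ]; then
            echo admin
            return 0
        fi
    done
    # Either the account is not a member of Administrators, or the shell
    # was started non-elevated under UAC: the SID is then deny-only in
    # the token and Cygwin does not list gid 544 for the process.
    echo standard
}

# Classify the shell this script runs in.
current_token() {
    classify_token "$(id -u)" "$(id -G)"
}

# Constructed sample values (local account ids are 196608 + RID):
#   uid 197609 = local user with RID 1001, gid 197121 = group "None"
classify_token 197609 "197121 545"        # non-elevated shell
classify_token 197609 "197121 544 545"    # elevated shell
classify_token 18 "18 544"                # process running as SYSTEM
echo "this shell: $(current_token)"
```
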


* Re: How to become root/root (0/0)
From: LRN @ 2019-05-09 14:53 UTC
  To: cygwin



On 09.05.2019 17:44, Bill Stewart wrote:
> On Thu, May 9, 2019 at 6:20 AM Andrey Repin wrote:
> 
>> Again, there's simply no equivalent of "god user" from *NIX in Windows
>> permissions system.
> 
> That's not really correct. An account that is a member of the
> Administrators local group (localized name can be different, SID is
> S-1-5-32-544) is a root/superuser equivalent.
> 
> It is true that some objects have permissions that prevent Administrators
> from accessing them, but any member of Administrators can take
> ownership/change permissions/run as SYSTEM and access those objects.

IIRC, even Administrators can't run as SYSTEM. To run as SYSTEM, you need to
somehow coerce a process that runs as SYSTEM to do something for you. Usually
achieved by running a [temporary] service and having it do what you want to be
done.

Notably, SYSTEM (but not Administrator) can impersonate any other user without
needing a password (other users can only impersonate with a password - i.e.
they need to authenticate themselves). In that sense SYSTEM is the true root
(though there are other high-privilege accounts, such as Trusted Installer and
Local Service that might be able to do the same things).



* Re: How to become root/root (0/0)
From: Andrey Repin @ 2019-05-10 14:05 UTC
  To: LRN, cygwin

Greetings, LRN!

>>> Again, there's simply no equivalent of "god user" from *NIX in Windows
>>> permissions system.
>> 
>> That's not really correct. An account that is a member of the
>> Administrators local group (localized name can be different, SID is
>> S-1-5-32-544) is a root/superuser equivalent.
>> 
>> It is true that some objects have permissions that prevent Administrators
>> from accessing them, but any member of Administrators can take
>> ownership/change permissions/run as SYSTEM and access those objects.

> IIRC, even Administrators can't run as SYSTEM. To run as SYSTEM, you need to
> somehow coerce a process that runs as SYSTEM to do something for you. Usually
> achieved by running a [temporary] service and having it do what you want to be
> done.

> Notably, SYSTEM (but not Administrator) can impersonate any other user without
> needing a password

Only locally.
But then again, impersonation versus having an inherent god power.

> (other users can only impersonate with a password - i.e.
> they need to authenticate themselves). In that sense SYSTEM is the true root
> (though there are other high-privilege accounts, such as Trusted Installer and
> Local Service that might be able to do the same things).



-- 
With best regards,
Andrey Repin
Friday, May 10, 2019 16:53:51

Sorry for my terrible english...

