On Oct 6 22:15, Christian Franke wrote: > Corinna Vinschen wrote: >> ...and maybe it's time to create a cygwin_internal call which replaces >> cygwin_set_impersonation_token and deprecate cygwin_set_impersonation_token >> in the long run. So, instead of the above we could have this call >> taking a HANDLE and a BOOL value: >> >> cygwin_internal (CW_SET_EXTERNAL_TOKEN, token_handle, restricted?); >> >> > > OK. > > I have a very first experimental version which works for me. It also > requires a new flag 'cygheap->user.is_restricted_token' to tell > spawn_guts() to use CreateProcessAsUser(). > > I will post the patch in a few days. > > A question: > > Why does seteuid32() call 'set_cygwin_privileges ()' on 'curr_imp_token' > and not on 'curr_primary_token' ? The curr_primary_token is used for > impersonation and therefore the privileges are not set for the thread > itself.
Oops. Thanks for catching. I applied a patch. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat
