Corinna Vinschen wrote: > However, I've just checked in a change which should create a useful > DACL for the primary token created by DuplicateTokenEx() in the > create_token() function. It uses the function `sec_user()' which I > once introduced to set security attributes for CreateProcess calls, > etc. Could you test if it now behaves as you'd expect?
Corinna, It doesn't seem to do anything (see attach). What does it do for you? I am pretty sure (used gdb) that I am running your latest code. NT4.0 Pierre
gid was 513 setgid returned 0, read 1005 uid was 500 setuid returned 0, read 1004 USERNAME testuser /******************* Token Start ****************************/ /******************* Token User */ PHumblet ASTRALPOINT SidTypeUser S-1-5-21-2127391503-1594901184-99485923-1004 /******************* Token Type */ TokenImpersonation /******************* Token Source */ Token source Cygwin.1 /******************* Token Security */ *************** SECURITY INFO START ************* Owner: Administrators BUILTIN SidTypeAlias S-1-5-32-544 Group: Domain Users ASTRALPOINT SidTypeGroup S-1-5-21-1391547877-877281485-1846952604-513 ACL: 0 Administrators BUILTIN SidTypeAlias S-1-5-32-544 ACCESS_ALLOWED_ACE_TYPE TOKEN_ASSIGN_PRIMARY, TOKEN_DUPLICATE, TOKEN_IMPERSONATE, TOKEN_QUERY, TOKEN_QUERY_SOUR CE, TOKEN_ADJUST_PRIVILEGES, TOKEN_ADJUST_GROUPS, TOKEN_ADJUST_DEFAULT, DELETE, READ_CO NTROL, WRITE_DAC, WRITE_OWNER, 1 SYSTEM NT AUTHORITY SidTypeWellKnownGroup S-1-5-18 ACCESS_ALLOWED_ACE_TYPE TOKEN_ASSIGN_PRIMARY, TOKEN_DUPLICATE, TOKEN_IMPERSONATE, TOKEN_QUERY, TOKEN_QUERY_SOUR CE, TOKEN_ADJUST_PRIVILEGES, TOKEN_ADJUST_GROUPS, TOKEN_ADJUST_DEFAULT, DELETE, READ_CO NTROL, WRITE_DAC, WRITE_OWNER, *************** SECURITY INFO END *************
-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
