"Eric Blake" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
According to Igor Peshansky on 1/5/2006 3:37 PM:
Hi,
'su' used to be an executable that worked correctly from a SYSTEM-owned
shell, but now it's a shell script that simply prints a "not supported"
message. Is it possible to resurrect the old "su" executable (that
perhaps prints the same message if run from a non-SYSTEM account)?
Coreutils certainly builds an su executable, but the cygwin distro of su
has been a script since at least 5.2.1 when Corinna was the maintainer; I
only enhanced the script to be a little more useful. I'll see what I can
do about getting the executable built and running, but no promise on a
timeline; is there any easy run-time test as to whether the current user
is SYSTEM and should try to perform user switching, vs. normal users to
print a warning message that su is relatively useless under cygwin/Windows
semantics?
Well just check that the app has appropriate priveleges.
(Only the app actually needs them, the user running the app does not
nessisaryally need them)
For passworded user switching:
SE_ASSIGNPRIMARYTOKEN_NAME &&
SE_INCREASE_QUOTA_NAME &&
SE_TCB_NAME
For passwordless user switching:
SE_CREATE_TOKEN_NAME &&
SE_ASSIGNPRIMARYTOKEN_NAME &&
SE_INCREASE_QUOTA_NAME
This is all documented in:
http://cygwin.com/cygwin-ug-net/ntsec.html
You should not cripple to program to being usable only on the system
account.
It is very much possible to give a user those privleges, and easy on XP pro
via the group policy editor (according to microsoft. I've never tried it.)
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
