Corinna Vinschen wrote:
>
> I don't understand that description. Could you try to explain
> in other words? What do you mean by "natural group"? Primary
> group as set by Windows (RID 513, "None" or "Domain Users",
> typically) or the primary group as set in /etc/passwd or ...?
When an intern
On Sun, Mar 03, 2002 at 10:05:39PM -0500, Pierre A. Humblet wrote:
> At 11:19 PM 2/23/2002 +0100, Corinna Vinschen wrote:
> 3) after a sequence setegid(newg1), seteuid(newuid),
> seteuid(original), the process has an unused primary token,
> which can be used again if there is another setegid(new
At 11:19 PM 2/23/2002 +0100, Corinna Vinschen wrote:
>> I am still looking at that. On 2001-10-31 you added RevertToSelf() in
>> dtable.cc (dtable::vfork_child_dup). Do you remember why?
>
>Yes! It's very important. Without that RevertToSelf(), the
>process has no access to it's own open socket
On Fri, Feb 22, 2002 at 10:06:53PM -0500, Pierre A. Humblet wrote:
> >today. E.g. your observation that RevertToSelf() could be dropped,
> >probably.
>
> I am still looking at that. On 2001-10-31 you added RevertToSelf() in
> dtable.cc (dtable::vfork_child_dup). Do you remember why?
Yes! It's
Hi Corinna
At 10:13 AM 2/14/2002 +0100, you wrote:
>The sec_user() call in CreateProcess()
>was never intended to set the default DACL (I didn't even know
>that something like that exists when I added that) but to set the
>permissions to access the process.
Yes, and in the case of DuplicateTo
On Wed, Feb 13, 2002 at 03:50:51PM -0500, Pierre A. Humblet wrote:
> Corinna,
>
> please forget my previous message for now.
No problem (I'm very busy currently). Just a side note I forgot
in my previous posting. The sec_user() call in CreateProcess()
was never intended to set the default DACL
Corinna,
please forget my previous message for now.
Pierre
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
At 04:57 PM 2/12/2002 +0100, Corinna Vinschen wrote:
>On Sun, Feb 10, 2002 at 02:34:55PM -0500, Pierre A. Humblet wrote:
Corinna, I have changed the order of the items.
>> In the course of debugging I also noticed that the sid2 passed
>> to sec_user() from just before CreateProcessAsUser() is us
On Sun, Feb 10, 2002 at 02:34:55PM -0500, Pierre A. Humblet wrote:
> I wonder what the sa in CreateProcess
> really does... The only thing that has an effect is the Inherit flag.
MSDN documents the SD in the lpProcessAttributes/lpThreadAttributes
argument being used as the SD of the called proce
Hi Corinna,
I have some free time and easy access to an NT
so I came back to security issues.
As you recall, in setegid(), setting the PrimaryGroup
in the process token isn't reliable and was #if'ed out.
Consequently non-cygwin subprocesses may create objects
with the wrong primary group.
I tri
10 matches
Mail list logo
