On Fri, Feb 01, 2002 at 10:08:49AM -0500, Pierre A. Humblet wrote:
>> I hoped to get an assignment from you so that we never have to ask
>> for that later.
>Ah, but I am pretty sure you have one already (a few years back).
I don't see any record of this. Do you have specifics? Like who you
se
On Fri, Feb 01, 2002 at 10:08:49AM -0500, Pierre A. Humblet wrote:
> Ah, but I am pretty sure you have one already (a few years back).
Really? That's a good thing. I don't have a list of all the
people who already sent an assignment, unfortunately.
> > Is it a problem for you to assign copyrig
Corinna Vinschen wrote:
> It's using standard 8 char wide tabs. I'm using vi with `set ts=8
> set sw=2', that's all. The tab setting should work with all
> editors in default setting. The formatting used is consistent with
> http://www.gnu.org/prep/standards_toc.html.
OK, it's not what I use b
On Thu, Jan 31, 2002 at 10:07:36PM -0500, Pierre A. Humblet wrote:
> I saw that, but my editor is not setup for your tab settings and for
> your C indent style. You probably wouldn't like it if I were to apply
> my style. Do you have a standard setup, e.g. for emacs?
It's using standard 8 char wi
At 11:26 AM 1/30/02 +0100, Corinna Vinschen wrote:
>On Tue, Jan 29, 2002 at 09:32:06PM -0500, Pierre A. Humblet wrote:
>I think you're right that we should always look for the SID in
>/etc/passwd at that point. The problem is exactly the startup of
>cygrunsrv with no CYGWIN setting in the system
On Tue, Jan 29, 2002 at 09:32:06PM -0500, Pierre A. Humblet wrote:
> When ntsec is not defined, internal_getlogin matches the
> Windows username with the pw_name's in passwd to find the uid.
> When ntsec is defined, internal_getlogin scans passwd by sid's.
> Cygwin user names can then be different
On Tue, Jan 29, 2002 at 09:32:06PM -0500, Pierre A. Humblet wrote:
>--- how-to-debug-cygwin.txt.in Tue Jan 29 20:08:10 2002
>+++ how-to-debug-cygwin.txtTue Jan 29 20:17:50 2002
>@@ -11,7 +11,9 @@
>
> 1. The first thing you'll need to do is to build cygwin1.dll and your crashed
> application fr
At 07:41 PM 1/23/02 +0100, Corinna Vinschen wrote:
>On Wed, Jan 23, 2002 at 01:22:29PM -0500, Pierre A. Humblet wrote:
>> OK, but can you give suggestions about how to debug processes
>> started under cygrunsrv? I tried to have cygrunsrv start a shell
>> and put strace in the shell script. Howeve
On Fri, Jan 25, 2002 at 11:44:03AM -0500, Pierre A. Humblet wrote:
> By the way, do you know why LookupAccountSid() returns different
> values when the sid is impersonated and when it isn't. Like:
>
> In impersonated token created in a process launched by Phumblet
> /*** Token Use
Corinna Vinschen wrote:
> That sounds weird, though. It doesn't make sense. The DACL
> for the token only sets the permissions for accessing the token
> and not for accessing other objects.
>
> Hmm.
>
> OTOH..., if the process can't access the token it doesn't know about
> it's own permission
On Fri, Jan 25, 2002 at 09:57:02AM -0500, Pierre A. Humblet wrote:
> The impersonated one, after setuid()
> No problem whatsoever with the creator ("self" in Microsoft language).
>
> >In which situation does the application try to read the
> > registry key, before or after the successful setuid(
Corinna Vinschen wrote:
Hi Corinna, I have rearranged the order of your questions.
> The registry you're trying to access, is that a key below HKCU or
> HKLM?
Special keys:
HKLM
"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Perflib\\009
and
HKEY_PERFORMANCE_DATA
Although the first key abo
On Thu, Jan 24, 2002 at 04:17:47PM -0500, Pierre A. Humblet wrote:
> Corinna Vinschen wrote:
>
> > Sorry but I don't see what you've tested. The patch should address
> > your problem with the access rights of the impersonation token.
>
> The attachment has a printout of the security info of the
Corinna Vinschen wrote:
> Sorry but I don't see what you've tested. The patch should address
> your problem with the access rights of the impersonation token.
The attachment has a printout of the security info of the impersonation
token. Its DACL is not set the way you intend to have it, in fac
On Thu, Jan 24, 2002 at 02:56:49PM -0500, Pierre A. Humblet wrote:
> Corinna Vinschen wrote:
>
> > However, I've just checked in a change which should create a useful
> > DACL for the primary token created by DuplicateTokenEx() in the
> > create_token() function. It uses the function `sec_user()
Corinna Vinschen wrote:
> However, I've just checked in a change which should create a useful
> DACL for the primary token created by DuplicateTokenEx() in the
> create_token() function. It uses the function `sec_user()' which I
> once introduced to set security attributes for CreateProcess call
On Mon, Jan 21, 2002 at 10:40:18AM -0500, Pierre A. Humblet wrote:
> "Corinna Vinschen" wrote:
> >
> > On Fri, Jan 18, 2002 at 07:46:03PM -0500, Pierre A. Humblet wrote:
>
> > > Entry in passwd (note Cygwin name != Windows name)
> > > exim:unused_by_nt/2000/xp:1002:1005:daemon,U-PHumblet\Mail,S-
"Corinna Vinschen" wrote:
>
> On Fri, Jan 18, 2002 at 07:46:03PM -0500, Pierre A. Humblet wrote:
> > Entry in passwd (note Cygwin name != Windows name)
> > exim:unused_by_nt/2000/xp:1002:1005:daemon,U-PHumblet\Mail,S-1-5-21-21273915
> > 03-1594901184-99485923-1002:/h
> > ome/Mail:/bin/bash
> >
>
On Sat, Jan 19, 2002 at 07:02:51PM -0500, Pierre A. Humblet wrote:
> At 12:33 AM 1/20/02 +0100, you wrote:
> >I'm not quite sure if I understand. If the setgid() is made
> >while a impersonation is active, the setgid() should affect
> >the impersonation token.
>
> No, no, it changes the proces
At 12:33 AM 1/20/02 +0100, you wrote:
>On Sat, Jan 19, 2002 at 04:52:18PM -0500, Pierre A. Humblet wrote:
>The problem is that in contrast to POSIX the PrimaryGroup is
>restricted to the Groups already listed in the access token
>of the process. So it will fail if the primary group is set
>only
On Sat, Jan 19, 2002 at 04:52:18PM -0500, Pierre A. Humblet wrote:
> At 05:06 PM 1/19/02 +0100, Corinna Vinschen wrote:
> >On Fri, Jan 18, 2002 at 07:46:03PM -0500, Pierre A. Humblet wrote:
> >
> >> 3) Why is it necessary to set the PrimaryGroup in the
> >> process token in setegid()?
> >
> >No,
At 05:06 PM 1/19/02 +0100, Corinna Vinschen wrote:
>On Fri, Jan 18, 2002 at 07:46:03PM -0500, Pierre A. Humblet wrote:
>
>> 3) Why is it necessary to set the PrimaryGroup in the
>> process token in setegid()?
>
>No, the primary group is used also to create object DACLs.
>When setting the PrimaryG
On Fri, Jan 18, 2002 at 07:46:03PM -0500, Pierre A. Humblet wrote:
> The real problem is that following setuid(), the ACL (not default
> ACL) of the impersonation token (which is inherited from the
> default ACL of the process token) makes the impersonation
> token non-accessible by its user
> (n
At 06:38 PM 12/30/01 +0100, Corinna Vinschen wrote:
>On Sun, Dec 30, 2001 at 11:26:15AM -0500, Pierre A. Humblet wrote:
>> At 11:15 PM 12/29/01 +0100, Corinna Vinschen wrote:
>> While I am at it, here is another weird observation:
>> base case above: prog reads some registry key. Succeeds.
>> cas
On Sun, Dec 30, 2001 at 11:26:15AM -0500, Pierre A. Humblet wrote:
> At 11:15 PM 12/29/01 +0100, Corinna Vinschen wrote:
> You are reading my mind! I tried it without being administrator.
> Now open_local_policy () goes OK but in get_priv_list ()
> calls to LsaEnumerateAccountRights() (that succee
At 11:15 PM 12/29/01 +0100, Corinna Vinschen wrote:
>On Sat, Dec 29, 2001 at 03:23:01PM -0500, Pierre A. Humblet wrote:
Thanks Corinna, that was fast!
>> Bug in security.cc:
>Thanks for the heads up. I've checked in a patch.
It works, thanks. The following alternative
LSA_HANDLE lsa;
NTSTATUS
On Sat, Dec 29, 2001 at 03:23:01PM -0500, Pierre A. Humblet wrote:
> Bug in security.cc:
>
> The intent of open_local_policy() is to return an INVALID
> handle if the call to LsaOpenPolicy() fails. Unfortunately
> the failed call changes the value of lsa. The fix is obvious.
Thanks for the heads
Bug in security.cc:
The intent of open_local_policy() is to return an INVALID
handle if the call to LsaOpenPolicy() fails. Unfortunately
the failed call changes the value of lsa. The fix is obvious.
Breakpoint 3, open_local_policy () at /src/winsup/cygwin/security.cc:183
184 LSA_HANDLE lsa
28 matches
Mail list logo
