This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: exec after seteuid


On Mon, Jun 09, 2003 at 12:43:13PM -0400, Pierre A. Humblet wrote:
> Corinna Vinschen wrote:
> > it changes the impersonated access token if priv_gid is in the group
> > list of the new users token. 
> 
> Nope. The token is only changed by set(e)uid(), never by set(e)gid().
> Set(e)gid only changes the default group in the token, not the token 
> itself (that's your design, or perhaps even older, and it's just fine).

There's SetTokenInformation(TokenPrimaryGroup) called in setegid32.

> But the intermediate switch back to 18 will then create a new token and
> discard the token given by cygwin_set_impersonation_token.

Why should it?  If the group hasn't changed before, the seteuid(priv_uid)
reverts to the original uid/gid combination.  That's exactly the case
which should result in calling RevertToSelf() and nothing else.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]