This is the mail archive of the
mailing list for the Cygwin project.
Re: More security issues
On Wed, Feb 13, 2002 at 03:50:51PM -0500, Pierre A. Humblet wrote:
> please forget my previous message for now.
No problem (I'm very busy currently). Just a side note I forgot
in my previous posting. The sec_user() call in CreateProcess()
was never intended to set the default DACL (I didn't even know
that something like that exists when I added that) but to set the
permissions to access the process. If you're running processes
under different user accounts you can't kill processes of other
accounts if the SA is sec_all_nih. This is unfortunately also true
for admins. Even worse, admins can't stop processes running under
SYSTEM account (services). Therefore, when using ntsec, the sec_user()
call should set an SD with explicit permissions for the process which
always should allow access for
- the user
and, if the process is started from a different user account under
- the original user of the starting process
When I implemented this, the fork/exec implementation was pretty
different from today. As far as I rememeber, the code which copied
data from one process to the other needed access under the 2nd SID.
This could qualify for some code which could be pretty useless
today. E.g. your observation that RevertToSelf() could be dropped,
Just if that's not clear, I'm really appreciating that you're
trying to get to the bottom of that code.
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:firstname.lastname@example.org
Red Hat, Inc.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html