This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: More security issues

Hi Corinna

At 10:13 AM 2/14/2002 +0100, you wrote:

>The sec_user() call in CreateProcess()
>was never intended to set the default DACL (I didn't even know
>that something like that exists when I added that) but to set the
>permissions to access the process.  
Yes, and in the case of DuplicateTokenEx(), the permissions of the
new primary token. However the sd's of a new process TOKEN and of a 
new impersonation token are always initialized from the default in the 
(parent) process token. I think I now understand what's going on.
The confusion between the impersonated sid and the original sid 
that we have observed in LookupAccountSid() is also present in the 
token sd, but things work out all right, for some reason. I will 
send you some patches shortly.

>When I implemented this, the fork/exec implementation was pretty
>different from today.  As far as I rememeber, the code which copied
>data from one process to the other needed access under the 2nd SID.
>This could qualify for some code which could be pretty useless
>today.  E.g. your observation that RevertToSelf() could be dropped,

I am still looking at that. On 2001-10-31 you added RevertToSelf() in (dtable::vfork_child_dup). Do you remember why?


Unsubscribe info:
Bug reporting:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]