--- spawn.cc.org	Tue Feb 12 11:28:18 2002
+++ spawn.cc	Tue Feb 12 12:53:16 2002
@@ -612,9 +612,6 @@
   else
     envblock = winenv (envp, 0);

-  /* Preallocated buffer for `sec_user' call */
-  char sa_buf[1024];
-
   if (!hToken && cygheap->user.impersonated
       && cygheap->user.token != INVALID_HANDLE_VALUE)
     hToken = cygheap->user.token;
@@ -634,10 +631,8 @@
       newheap = cygheap_setup_for_child (&ciresrv, cygheap->fdtab.need_fixup_before ());
       rc = CreateProcess (runpath,	/* image name - with full path */
 			  one_line.buf,	/* what was passed to exec */
-					  /* process security attrs */
-			  allow_ntsec ? sec_user (sa_buf) : &sec_all_nih,
-					  /* thread security attrs */
-			  allow_ntsec ? sec_user (sa_buf) : &sec_all_nih,
+			  &sec_all_nih, /* process security attrs */
+			  &sec_all_nih, /* thread security attrs */
 			  TRUE,	/* inherit handles from parent */
 			  flags,
 			  envblock,/* environment */
@@ -647,23 +642,10 @@
     }
   else
     {
-      cygsid sid;
-      DWORD ret_len;
-      if (!GetTokenInformation (hToken, TokenUser, &sid, sizeof sid, &ret_len))
-	{
-	  sid = NO_SID;
-	  system_printf ("GetTokenInformation: %E");
-	}
-      /* Retrieve security attributes before setting psid to NULL
-	 since it's value is needed by `sec_user'. */
-      PSECURITY_ATTRIBUTES sec_attribs = allow_ntsec && sid
-					 ? sec_user (sa_buf, sid)
-					 : &sec_all_nih;
-
       /* Remove impersonation */
-      if (cygheap->user.impersonated
-	  && cygheap->user.token != INVALID_HANDLE_VALUE)
-	RevertToSelf ();
+//      if (cygheap->user.impersonated
+//	  && cygheap->user.token != INVALID_HANDLE_VALUE)
+//	RevertToSelf ();

       static BOOL first_time = TRUE;
       if (first_time)
@@ -673,7 +655,7 @@
 	}

       /* Load users registry hive. */
-      load_registry_hive (sid);
+      load_registry_hive (cygheap->user.sid ());

       /* allow the child to interact with our window station/desktop */
       HANDLE hwst, hdsk;
@@ -697,8 +679,8 @@
       rc = CreateProcessAsUser (hToken,
 		       runpath,		/* image name - with full path */
 		       one_line.buf,	/* what was passed to exec */
-		       sec_attribs,     /* process security attrs */
-		       sec_attribs,     /* thread security attrs */
+		       &sec_all_nih,    /* process security attrs */
+		       &sec_all_nih,    /* thread security attrs */
 		       TRUE,	/* inherit handles from parent */
 		       flags,
 		       envblock,/* environment */
@@ -707,10 +689,10 @@
 		       &pi);
       /* Restore impersonation. In case of _P_OVERLAY this isn't
 	 allowed since it would overwrite child data. */
-      if (mode != _P_OVERLAY
-	  && cygheap->user.impersonated
-	  && cygheap->user.token != INVALID_HANDLE_VALUE)
-	ImpersonateLoggedOnUser (cygheap->user.token);
+//      if (mode != _P_OVERLAY
+//	  && cygheap->user.impersonated
+//	  && cygheap->user.token != INVALID_HANDLE_VALUE)
+//	ImpersonateLoggedOnUser (cygheap->user.token);
     }

   MALLOC_CHECK;