This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: how to determine if a shell is running as Administrator?


On Feb  5 12:08, Achim Gratz wrote:
> Corinna Vinschen writes:
> >> 2. Parse the output of groups or id -G.  I can't find any reliable way to do
> >> this.  For example on my host, when I start a shell with "Run as administrator",
> >> the new group I get isn't 544 (Administrators).  It's 114 (Local account and
> >> member of Administrators group).  Is that at all portable or reliable?
> >
> > Huh?  There is no such group in Windows.  Where does it come from?
> 
> Yes there is, at least on Windows 8.1N Core and Server 2012R2.  In fact
> there are two new SID:
> 
> 113 (Local account)
> 114 (Local account and member in Administrators group)
> 
> http://blogs.technet.com/b/secguide/archive/2014/09/02/blocking-remote-use-of-local-accounts.aspx
> https://msdn.microsoft.com/en-us/library/cc980032.aspx

Thanks for the info.  Now I remember that I saw them already at one
point, but I never had a deeper look what they actually are good for.

However, the user token of such a user still contains the Administrators
group (I just tested it) and thus the `id -G' test for 544 (or 0 with
the old "root" entry in /etc/group) is still valid.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpcmCWjc94k_.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]