This is the mail archive of the
mailing list for the Cygwin project.
Re: security.cc: bug report, question and suggestion
On Tue, Jan 29, 2002 at 09:32:06PM -0500, Pierre A. Humblet wrote:
> When ntsec is not defined, internal_getlogin matches the
> Windows username with the pw_name's in passwd to find the uid.
> When ntsec is defined, internal_getlogin scans passwd by sid's.
> Cygwin user names can then be different from Windows user names.
> In my case the program was running as a service under cygrunsrv.
> ntsec was not defined in the environment of the service manager,
> but only as a -e CYGWIN= argument to cygrunsrv.
> When cygrunsrv started it didn't find the Windows username in pw_name
> and used the default uid. When the service application started, with
> ntsec, it didn't scan the passwd file because cygrunsrv is a Cygwin
> process. Thus the username and uid were incorrect under ntsec...
> The same problem happens when a user with a Cygwin username
> different from Windows starts without ntsec.
> I saw 4 possible solutions.
> 1) Mandate ntsec if Cygwin and Windows user names differ.
> Not so good. /etc/passwd is a shared resource and different users
> may have different ntsec preferences. Unexpected situations can
But that's the whole point of having `ntsec' on. As I described in
the ntsec docs (http://cygwin.com/cygwin-ug-net/ntsec.html) having a
Cygwin username different from the Windows username is explicitely
a property of `ntsec'. Having a different username is not supported
Besides that, I can't suggest using ntsec for one user but nontsec
for another user. This results in weird effects for the user who's
not using ntsec. According to the `ls -l' output she has access to
file "foo" but a `cat foo' returns "Permission denied". I admit
that that also may happen with ntsec on, due to the complexity of
NT permissions which aren't reflected by the `ls -l' output. But the
surprises should be few.
> 4) Always scan /etc/passwd for sid (on NT/2000/XP). If no success,
> rescan based on Windows username.
> A little inefficient at startup if ntsec is not enabled, but most
> flexible [the two searches can also be combined, possible
I think you're right that we should always look for the SID in
/etc/passwd at that point. The problem is exactly the startup of
cygrunsrv with no CYGWIN setting in the system environment. I'm
so used to having the usual "CYGWIN=binmode ntsec tty" in my system
environment that I'd never seen that problem.
> The attached uinfo.diff file implements solution 4.
> It also does not set primary group in the token (useless).
No, it's not useless. If this process starts non-Cygwin processes
this processes will set the users primary group given in /etc/passwd
as primary group for created files. That's intended. I will not
However, I have some problems with your patch to uinfo.cc.
- It eliminates the opening brace at line 130 but it eliminates an
unrelated closing brace at line 193. The corresponding closing
brace would be in line 212. Is that planned - and if so, why -
or is that just an accident?
- The formatting isn't correct anymore after eliminating the braces.
- I'm missing a ChangeLog entry for that patch.
Could you please resubmit your patch with these changes to the
cygwin-patches mailing list? And would you mind to send a copyright
assignment form as described on http://cygwin.com/contrib.html?
Thanks for tracking that down. This could explain some of the
problems people have starting sshd, perhaps.
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:email@example.com
Red Hat, Inc.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html