This is the mail archive of the
cygwin-developers@cygwin.com
mailing list for the Cygwin project.
Re: Windows 2003
- From: Igor Pechtchanski <pechtcha at cs dot nyu dot edu>
- To: cygwin-developers at cygwin dot com
- Date: Fri, 11 Jul 2003 08:44:10 -0400 (EDT)
- Subject: Re: Windows 2003
- Reply-to: cygwin-developers at cygwin dot com
On Fri, 11 Jul 2003, Corinna Vinschen wrote:
> On Thu, Jul 10, 2003 at 05:05:55PM -0400, Pierre A. Humblet wrote:
> > I just reread the CreateProcessAsUser page. We do a RevertToSelf, so
> > we access the executable image in the security context of the caller.
> > Accessing C:\cygwin\bin\bash.exe isn't the issue, the error message
> > must be about some other path...
>
> I've just got it working with a non-SYSTEM user under which sshd is
> running. The problem was a still missing user privilege. The user
> starting sshd as service needs not only the "Create a token object"
> but also the "Replace a process level token" privilege, otherwise
> the CreateProcessAsUser fails. After finding it it suddenly is clear
> why it didn't work.
>
> Corinna
I guess it pays to read your own documentation:
<http://cygwin.com/cygwin-ug-net/ntsec.html#NTSEC-SETUID>... ;-)
Should the above be updated with new privileges for Win2003, BTW?
Igor
--
http://cs.nyu.edu/~pechtcha/
|\ _,,,---,,_ pechtcha@cs.nyu.edu
ZZZzz /,`.-'`' -. ;-;;,_ igor@watson.ibm.com
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D.
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster." -- Patrick Naughton