This is the mail archive of the cygwin-developers@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Windows 2003


Corinna Vinschen wrote:

> OTOH, this is a bit of a nightmare when porting these applications
> since it requires a careful examiniation of code, like, e. g.
> `if (!uid) ...'.
> 
> So (still as example) what about changing this to uid 0?  Anybody
> who needs to run service applications with special privileges should
> run them under the uid 0 account.  The uid 0 account could be created
> by a special script started from setup or from the command line.
> There's nothing keeping us from creating a Windows account "root"
> with Admin privileges plus all these dangerous "create token",
> "replace token" and "act as part of the OS" privileges.  Then we
> could use this one for all the dirty work.

Yep, that would work, but it forces changes to existing installations
(users need to update the passwd file) and all special applications 
need to be updated at once. That's major, compared to the few 2003 sites.
(having 2 entries in passwd doesn't really help).

The solution I proposed in the other e-mail allows a gradual migration,
application by application. Once it is is place and all special applications
use it, we can then change mkpasswd to have the root/uid=0 entry (which
is an excellent idea).

Special applications would work with old and new style /etc/passwd 
formats and everything would be transparent to end users. Only a few
porters have to redefine the macro ROOT_UID. 
I could code the new cygwin_internal value this weekend, so that it
goes out quickly.

Pierre


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]