This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
When cygwin starts a process, it sets its security to allow access by the Administrators. However this is not necessarily the case when Windows starts a cygwin process. This results in various anomalies, e.g. an admin user cannot signal/kill the top Cygwin process started by a non-privileged user with fast user switching. Similarly administrators may not have access to some file mappings. Fixing that would be very easy if the well_known_sids were available early at startup time. However they are recomputed late in the startup sequence on exec, and copied from the parent in case of fork. This patch simply stores the well_known_sids as NO_COPY variables, eliminating all run time overhead and making them available during the init sequence. That will be used in a subsequent patch. Pierre 2004-02-04 Pierre Humblet <pierre.humblet@ieee.org> * security.h (SID): New macro. (well_known_*_sid): Change type to cygpsid. (cygsid::init): Delete declaration. * sec_helper.cc (well_known_*_sid): Define as cygpsid and initialize. (cygsid::init): Delete. * dcrt0.cc (dll_crt0_0): Do not call cygsid::init. * security.cc (get_user_local_groups): Change the second argument type to cygpsid.
Attachment:
sid.diff
Description: Text document
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |