This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

security.cc: bug report, question and suggestion


Bug in security.cc:

The intent of open_local_policy() is to return an INVALID
handle if the call to LsaOpenPolicy() fails. Unfortunately
the failed call changes the value of lsa. The fix is obvious.

Breakpoint 3, open_local_policy () at /src/winsup/cygwin/security.cc:183
184       LSA_HANDLE lsa = INVALID_HANDLE_VALUE;
(gdb) s
186       NTSTATUS ret = LsaOpenPolicy(NULL, &oa, POLICY_ALL_ACCESS, &lsa);
(gdb) p lsa
$19 = 0xffffffff
(gdb) n
187       if (ret != STATUS_SUCCESS)
(gdb) p ret
$20 = -1073741790
(gdb) p lsa
$21 = 0x0

Question:
is the Policy Object only accessible by administrators 
or is there some ACL that can be set? I was unable
to find info on the Microsoft site.

Suggestion
In cygrunsrv.README, could you add that the user specified
with -u must have the "Logon as a service" privilege?

Thanks

Pierre


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]