This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: suid bit on executables?



On Tue, 23 Mar 2004, Igor Pechtchanski wrote:

> FYI, Cygwin implements /dev/conin and /dev/conout, so, perhaps, the
> approach suggested in <http://cygwin.com/ml/cygwin/2004-03/msg00259.html>
> would be helpful (or something along those lines).

Thanks, Igor, I'll look into that in a minute...

> OTOH, once cygserver is in place, we'll have a working "su" (which is
> exactly what you want, right?).
> 	Igor

No, what I need is _very_ different. The requirement is for a program that
runs as a different user without that user having any special privileges
themselves and without the ability to log in, or run other programs as
that other user. On Unix (and Unix clones), there's a concept of the "suid
bit" which is set in the file system and associated with executable
programs (and on many implementations, executable shell scripts too). When
any user, including root, executes a program with the suid bit set, the
program runs just like any other program except that it runs in the user
context of the file's owner, NOT as the user who called the program. In
contrast, su requires that the caller have the password of the account in
question...

That said, a "working su" program _should_ be able to be used as the
foundation of an implementation of an exec call where the suid bit is set.
Corinna hinted that W2003 makes things harder and I haven't any idea why,
but it figures that Windows would try very hard to ensure that nothing
else is compatible with Windows. -frown-

Regards,
Richard

-- 
Richard Troy, Chief Scientist
Science Tools Corporation
rtroy@ScienceTools.com, 510-567-9957, http://ScienceTools.com/


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]