Re: The eternal uid issue

[Corinna Vinschen <corinna-cygwin at cygwin dot com>]

On Jul 24 08:52, D. Boland wrote:
> In your previous mail, you propose the following function to check for 'root'
> privileges, which an upstream maintainer could put in his code:
> 
> int
> is_admin (uid_t uid)
> {
> #ifdef __CYGWIN__
>   return [getgrouplist(uid, ...) contains group 544];
> #else [other platform]
>   return [different test];
> #else
>   return uid == 0;
> #endif
> }
> 
> But this only introduces a new function which she has to put into multiple locations
> of the original code. So again, why not just modify the 'getuid' function in
> cygwin1.dll to return '0' if the current user is actually SYSTEM or one of the
> administrators?
> 
> Then you have rock-solid emulation. I would not have to modify a single line of
> code.

You're kidding, right?  What about code like this:

  struct stat st;
  stat("foo", &st);
  if (st.st_uid != getuid ())
    /*error*/
  else
    /*do something*/

I'm not saying that this is overly elegant coding, but just as you
expect that getuid() returns 0 for any admin, other applications will
expect that getuid() reflects reality.

Why don't you just override getuid in your application to serve the
applications needs?

  #ifdef __CYGWIN__
  #define getuid()	CYG_getuid()
  #endif

  [...]

  #ifdef __CYGWIN__
  #undef getuid
  uid_t
  CYG_getuid ()
  {
    /* Return 0 for any admin user. */
    if (/*getgroups() contains group 544*/)
      return 0;
    return getuid ();
  }

But be careful.  Just because there are multiple users with admin
permissions, that doesn't mean they all want their mail in the same
mailbox for user 0...


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgph3LSVZtHjl.pgp
Description: PGP signature