diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2000-06-16 19:36:07 +0000 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2000-06-16 19:36:07 +0000 |
| commit | 64b3062937b791faafddc02e9d38102a75b37a7a (patch) | |
| tree | 48895becfe9d6a9816a99573c1dd716878d67fa4 /winsup/cygwin/spawn.cc | |
| parent | 3875d9e65223107ecc5ee8ce7f6510e092779da9 (diff) | |
| download | cygnal-64b3062937b791faafddc02e9d38102a75b37a7a.tar.gz cygnal-64b3062937b791faafddc02e9d38102a75b37a7a.tar.bz2 cygnal-64b3062937b791faafddc02e9d38102a75b37a7a.zip | |
* cygwin.din: Define symbols for `cygwin_logon_user' and
`cygwin_set_impersonation_token'.
* dcrt0.cc (dll_crt0_1): Eliminate superfluous conditional
statements.
Add load statements for `ImpersonateLoggedOnUser', `LogonUserA'
and `RevertToSelf'.
* fork.cc (fork): Care for correct impersonation of parent
and child process.
* security.cc (cygwin_set_impersonation_token): New function.
(cygwin_logon_user): Ditto.
shared.h (class pinfo): New members `orig_uid', `orig_gid',
`real_uid' nad `real_gid'.
spawn.cc (spawn_guts): Care for impersonation when starting
child process in a different user context.
* syscalls.cc (setgid): Call `setegid' now. Set real_gid.
(setuid): Call `seteuid' now. Set real_uid.
(seteuid): Functionality moved from setuid to here. Care for
correct impersonation.
(setegid): Functionality moved from setgid to here.
* uinfo.cc (uinfo_init): Initialization of additional pinfo
members.
(getuid): Return real uid.
(getgid): Return real gid.
(geteuid): Return effective uid.
(getegid): Return effective gid.
include/sys/cygwin.h: Add prototypes for `cygwin_logon_user' and
`cygwin_set_impersonation_token'.
include/cygwin/version.h: Bumb API minor version to 22.
Diffstat (limited to 'winsup/cygwin/spawn.cc')
| -rw-r--r-- | winsup/cygwin/spawn.cc | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/winsup/cygwin/spawn.cc b/winsup/cygwin/spawn.cc index 1ff08e4bc..65e3bd665 100644 --- a/winsup/cygwin/spawn.cc +++ b/winsup/cygwin/spawn.cc @@ -503,6 +503,9 @@ skip_arg_parsing: /* Preallocated buffer for `sec_user' call */ char sa_buf[1024]; + if (!hToken && myself->token != INVALID_HANDLE_VALUE) + hToken = myself->token; + if (hToken) { /* allow the child to interact with our window station/desktop */ @@ -535,6 +538,11 @@ skip_arg_parsing: else system_printf ("GetTokenInformation: %E"); + /* Remove impersonation */ + uid_t uid = geteuid(); + if (myself->impersonated && myself->token != INVALID_HANDLE_VALUE) + seteuid (myself->orig_uid); + rc = CreateProcessAsUser (hToken, real_path, /* image name - with full path */ one_line.buf, /* what was passed to exec */ @@ -550,6 +558,9 @@ skip_arg_parsing: 0, /* use current drive/directory */ &si, &pi); + /* Restore impersonation */ + if (myself->impersonated && myself->token != INVALID_HANDLE_VALUE) + seteuid (uid); } else rc = CreateProcessA (real_path, /* image name - with full path */ |