From 5684cfebba943eb10d16216a16793d464c1b2a1d Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Tue, 12 Dec 2006 16:27:32 +0000 Subject: Partially revert change from 2005-04-03, always running under an impersonation token, which collides with Vista UAC. * cygheap.h (deimpersonate): revert to self instead of impersonating hProcImpToken. (reimpersonate): Only impersonate if setuid. * dcrt0.cc (dll_crt0_0): Don't initialize hProcImpToken here. (dll_crt0_1): Set privileges on hProcToken. * fork.cc (frok::child): Set privileges on hProcToken. Close handle to hProcImpToken. * grp.cc (internal_getgroups): Use hProcToken instead of hProcImpToken. * security.cc (check_access): Create hProcImpToken on demand here. * security.h (set_process_privilege): Set privileges on hProcToken. (_push_thread_privilege): Use hProcToken instead of hProcImpToken. (pop_thread_privilege): If not setuid'ed, revert to self. * syscalls.cc (setegid32): Drop setting primary group on hProcImpToken. Close handle to hProcImpToken. * uinfo.cc (internal_getlogin): Ditto. * winsup.h (clear_procimptoken): New inline function. --- winsup/cygwin/cygheap.h | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'winsup/cygwin/cygheap.h') diff --git a/winsup/cygwin/cygheap.h b/winsup/cygwin/cygheap.h index 0c54bad1a..f33feb546 100644 --- a/winsup/cygwin/cygheap.h +++ b/winsup/cygwin/cygheap.h @@ -182,14 +182,13 @@ public: void deimpersonate () { if (issetuid ()) - { - RevertToSelf (); - ImpersonateLoggedOnUser (hProcImpToken); - } + RevertToSelf (); } bool reimpersonate () { - return ImpersonateLoggedOnUser (issetuid () ? token () : hProcImpToken); + if (issetuid ()) + return ImpersonateLoggedOnUser (token ()); + return true; } bool has_impersonation_tokens () { return external_token != NO_IMPERSONATION -- cgit v1.2.3