author | Corinna Vinschen <corinna@vinschen.de> | 2016-01-21 18:32:16 +0100 |
---|---|---|
committer | Corinna Vinschen <corinna@vinschen.de> | 2016-01-21 18:32:16 +0100 |
commit | b5c80f5a59fda4e3890bf3cb515a67f420057e02 (patch) | |
tree | 537441a3192f76859bffefcf233eca34158d79e5 | |
parent | d44ec01ea175d6fb226191e19533cc7675dfae0d (diff) | |
cygwin_logon_user: Return non-privileged token as well
If the calling process doesn't have sufficient privileges to
fetch the linked token of an admin-user token, cygwin_logon_user
fails. This patch changes that by returning the original,
unprivileged token of the admin user to allow authentication
and calling setuid for the current process.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
-rw-r--r-- | winsup/cygwin/sec_auth.cc | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/winsup/cygwin/sec_auth.cc b/winsup/cygwin/sec_auth.cc
index aef13191d..d44cb2d81 100644
--- a/winsup/cygwin/sec_auth.cc
+++ b/winsup/cygwin/sec_auth.cc
@@ -172,13 +172,17 @@ cygwin_logon_user (const struct passwd *pw, const char *password)
 }
 else
 {
+ HANDLE hPrivToken = NULL;
+
 /* See the comment in get_full_privileged_inheritable_token for a
 description why we enable TCB privileges here. */
 push_self_privilege (SE_TCB_PRIVILEGE, true);
- hToken = get_full_privileged_inheritable_token (hToken);
+ hPrivToken = get_full_privileged_inheritable_token (hToken);
 pop_self_privilege ();
- if (!hToken)
- hToken = INVALID_HANDLE_VALUE;
+ if (!hPrivToken)
+ debug_printf ("Can't fetch linked token (%E), use standard token");
+ else
+ hToken = hPrivToken;
 }
 RtlSecureZeroMemory (passwd, NT_MAX_PATH);
 cygheap->user.reimpersonate (); |
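Review bot: The new `if (!hPrivToken)` branch keeps using `hToken` after get_full_privileged_inheritable_token returned NULL, which is only safe if that helper leaves its argument open and valid on every failure path; nothing visible in the hunk establishes that. The helper's body is not shown here, so this needs checking: if any of its error paths closes the token it was given, cygwin_logon_user would now return a stale handle that the caller then passes on for setuid. I would state the ownership rule next to the call, for example `/* hToken must still be open if the helper returns NULL; it is returned as the standard token. */`, or duplicate the handle before the call so the fallback never depends on the helper's cleanup. Separately, `%E` is printed after `pop_self_privilege ()`, which may have changed the last-error value, so the logged code may not belong to the failed fetch. cygwin_logon_user starts and ends outside the hunk.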