https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=b5c80f5a59fda4e3890bf3cb515a67f420057e02
commit b5c80f5a59fda4e3890bf3cb515a67f420057e02
Author: Corinna Vinschen <cori...@vinschen.de>
Date: Thu Jan 21 18:32:16 2016 +0100
cygwin_logon_user: Return non-privileged token as well
If the calling process doesn't have sufficient privileges to
fetch the linked token of an admin-user token, cygwin_logon_user
fails. This patch changes that by returning the original,
unprivileged token of the admin user to allow authentication
and calling setuid for the current process.
Signed-off-by: Corinna Vinschen <cori...@vinschen.de>
Diff:
---
winsup/cygwin/sec_auth.cc | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/winsup/cygwin/sec_auth.cc b/winsup/cygwin/sec_auth.cc
index aef1319..d44cb2d 100644
--- a/winsup/cygwin/sec_auth.cc
+++ b/winsup/cygwin/sec_auth.cc
@@ -172,13 +172,17 @@ cygwin_logon_user (const struct passwd *pw, const char
*password)
}
else
{
+ HANDLE hPrivToken = NULL;
+
/* See the comment in get_full_privileged_inheritable_token for a
description why we enable TCB privileges here. */
push_self_privilege (SE_TCB_PRIVILEGE, true);
- hToken = get_full_privileged_inheritable_token (hToken);
+ hPrivToken = get_full_privileged_inheritable_token (hToken);
pop_self_privilege ();
- if (!hToken)
- hToken = INVALID_HANDLE_VALUE;
+ if (!hPrivToken)
+ debug_printf ("Can't fetch linked token (%E), use standard token");
+ else
+ hToken = hPrivToken;
}
RtlSecureZeroMemory (passwd, NT_MAX_PATH);
cygheap->user.reimpersonate ();
