On Oct 17 14:19, Christian Franke wrote: > Observation: When Cygwin spawns a process with CreateProcessAsUser(), the > child process main thread has a token after startup. > > $ ./gettokinfo -t > OpenThreadToken: 1008 > > $ ./cygdrop ./gettokinfo -t > Thread Token > Type: Impersonation > Impersonation Level: SecurityImpersonation > ... > > The problem is that some calls (from _cygtls?) to user.reimpersonate() > appear between startup and uinfo_init(). uinfo_init() does not call > RevertToSelf() after closing the inherited token. > > Quick fix: > > @@ -155,7 +161,7 @@ uinfo_init () > cygheap->user.curr_token_is_restricted = false; > cygheap->user.setuid_to_restricted = false; > cygheap->user.set_saved_sid (); /* Update the original sid */ > - cygheap->user.reimpersonate (); > + cygheap->user.deimpersonate (); > } > > Typo ?
Oversight, it seems. The reimpersonate call was ok in Cygwin 1.5 since the process was always running under an impersonation token and reimpersonate() looked different back then. Thanks for catching! Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat
