> > > so there's no means to obtain _current_ user id of running
> > > process, only a lookup from a username (or userid).
> >
> > Not yet. Nobody has needed that ability so far. Feel free to implement
> > it though. APR follows a VERY simple rule. We don't implement
> a feature
> > until it is needed. :-)
>
> ack!
>
> > One warning, I have no idea how this would work on Windows. In
> order for
> > this to really be useful, we have to figure that piece out.
>
> yep.
>
> i mean, i can get away with getenv('USER') and to be honest, it
> doesn't bother me. it might bother other people though.
>
> btw, just so you know: i know it _is_ possible else how would
> cygwin work?
>
> .... and i do know that jeremy had a hell of a time getting setuid()
> to work. it's almost impossible: none of the published APIs
> describe how to do it. you can 'impersonate' an existing context
> e.g. ImpersonateNamedPipeClient or similar but you can't
> actually do a sudo. okay, it's been done, recently, and there
> does exist SU.EXE, but still.... :)
Check out:
LogonUser -
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/hh
/winbase/accclsrv_9cfm.asp
ImpersonateLoggedOnUser -
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/hh
/winbase/accclsrv_0jle.asp
Maybe that can do the trick?
Sander
