libs/newlib-cygwin
libs
/
newlib-cygwin
mirror of git://sourceware.org/git/newlib-cygwin.git
4
0
Fork 0
Code Issues Projects Releases Wiki Activity

Cygwin: uinfo: don't special case current user 

fetch_account_from_windows shortcuts the current user in that
it takes the user's domain SID and just adds the matching RID
from the token's primary group to create a group SID.

How wrong this is can be very simply reproduced:

Assuming you run a native process, like cmd, with primary group
set to the Administrators builtin group.  Run Cygwin's id(1) as
child process.  id(1) will print a non-existent group as primary
group and also add it to the group list.

This can only be avoided by not special casing the current user
and thus not creating a group SID from partial information.

Fixes: 6cc7c925ce ("(pwdgrp::fetch_account_from_windows): Default primary group for the
current user to primary group from user token.")
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen 2022-12-02 16:49:47 +01:00
parent dc7b67316d
commit a5bcfe616c
1 changed files with 6 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
winsup/cygwin/uinfo.cc
View File

@ -1855,7 +1855,6 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
gid_t gid = ILLEGAL_GID;
bool is_domain_account = true;
PCWSTR domain = NULL;
bool is_current_user = false;
char *shell = NULL;
char *home = NULL;
char *gecos = NULL;
@ -2314,18 +2313,9 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
uid = posix_offset + sid_sub_auth_rid (sid);
if (!is_group () && acc_type == SidTypeUser)
{
/* Default primary group. If the sid is the current user, fetch
the default group from the current user token, otherwise make
the educated guess that the user is in group "Domain Users"
or "None". */
if (sid == cygheap->user.sid ())
{
is_current_user = true;
gid = posix_offset
+ sid_sub_auth_rid (cygheap->user.groups.pgsid);
}
else
gid = posix_offset + DOMAIN_GROUP_RID_USERS;
/* Default primary group. Make the educated guess that the user
is in group "Domain Users" or "None". */
gid = posix_offset + DOMAIN_GROUP_RID_USERS;
}
if (is_domain_account)
@ -2336,11 +2326,9 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
/* On AD machines, use LDAP to fetch domain account infos. */
if (cygheap->dom.primary_dns_name ())
{
/* For the current user we got correctly cased username and
the primary group via process token. For any other user
we fetch it from AD and overwrite it. */
if (!is_current_user
&& cldap->fetch_ad_account (sid, false, domain))
/* Fetch primary group from AD and overwrite the one we
just guessed above. */
if (cldap->fetch_ad_account (sid, false, domain))
{
if ((val = cldap->get_account_name ()))
wcscpy (name, val);