| www.delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-SWARE-Spam-Status: | No, hits=-3.8 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,KHOP_RCVD_TRUST,KHOP_THREADED,RCVD_IN_DNSWL_LOW,RCVD_IN_HOSTKARMA_YE |
| X-Spam-Check-By: | sourceware.org |
| MIME-Version: | 1.0 |
| In-Reply-To: | <CE9C056E12502146A72FD81290379E9A49600AF0@ENFIRHMBX1.datcon.co.uk> |
| References: | <CAG9p0OTFaLUp7c8zpOtVQ=4zt-=fAqPvURJw758FS+d2rPOtgw AT mail DOT gmail DOT com> <CE9C056E12502146A72FD81290379E9A49600AF0 AT ENFIRHMBX1 DOT datcon DOT co DOT uk> |
| Date: | Wed, 15 Aug 2012 05:39:47 -0400 |
| Message-ID: | <CAG9p0OQsu08mOqGC4NkAvKE_GbjvBJk675XR6TdU5+urbNsEuQ@mail.gmail.com> |
| Subject: | Re: Question about UAC and bash/cygwin |
| From: | Lord Laraby <lord DOT laraby AT gmail DOT com> |
| To: | cygwin AT cygwin DOT com |
| X-IsSubscribed: | yes |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Unsubscribe: | <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
Adam Dinwoodie wrote: > Lord Laraby wrote: >>I've scanned months of the mailing list archives for an answers and searched >>until I've run out of ideas. > > Have you taken a look through the Cygwin user's guide? In particular, I suspect > the section on using Windows security in Cygwin will be relevant: > > http://cygwin.com/cygwin-ug-net/ntsec.html I did indeed. In fact,I've tried to keep that document current in my mind with every new cygwin.dll that comes out. It's very informative about *Windows* security model. However, what I can't see in that document (or the whole users guide) are topics related to UAC, privilege escalation/elevation (getting real administrator rights when you are an administrator), and anything about object integrity levels. How these things are very present and a pain in the *** on later (modern) windows hosts. There really isn't anything specifically related to WIndows 7's quirks. Also, cygserver and cygLSA are really not well explained. I know they are there and have to do with changing user context. I know about passwd -R and other means of getting good user tokens. I can figure the rest out by reading the code I suppose. Where I am lost in this is simply who does cygwin recognize I'm elevated to true administrator? It doesn't seem to and keeps putting all the files and directories I create (while escalated) under my non-elevated account rather than under root. Why must I use the machine administrator account for this? I had wanted to leave that special completely disabled, but it seems I'm not allowed to. Also, when installing or updating, it seems I must use the machine administrator account for setup.exe as well? Who owns the installed files, otherwise? Not who I'd think. Sorry if the questions are a bit too numerous. I wish I could just siphon knowledge from Corinna's brain. :) -- Lord Laraby -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |