This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: supplement cygwin_logon_user with CreateProcessWithLogonW?

> > CreateProcessWithLogonW (as opposed to the LogonUser /
> CreateProcessAsUser)
> > combination. This is because CreateProcessWithLogonW utilises the RunAs
> > (2000)/SecondaryLogon (XP) service. Would it make sense to
> modify Cygwin so
> > this could be used in place of cygwin_logon_user if one so
> wished? If so,
> > I'll go about creating a patch.
> Hmm, how are you planning to do that?  Which application do you have in
> mind to use that functionality, su?
su was the main one.

> Oh, btw., do you have a pointer to MS documentation which talks about
> CreateProcessWithLogonW() utilizing RunAs?  I have not found a word of
> that in MSDN.  Just curious.
It's not documented - but Microsoft said this function used the RunAs
service when the RunAs pipe authentication vulnerability was discovered.
First hint: Function is in advapi32.lib, not kernel32.lib.
Second hint: No extra priveleges required.

There is also a CreateProcessWithTokenW available with .NET server.


Unsubscribe info:
Bug reporting:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]