This is the mail archive of the cygwin mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
I'm trying to use cygdrop to drop Administrators from my security access token. I use the Windows whoami utility to dump out the current state of the access token. First, I try without cygdrop: $ /cygdrive/c/Windows/System32/whoami.exe /groups | grep Administrators BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group This shows I'm in the Administrators group. Now, cygdrop should drop the Administrators group, but it doesn't appear to: $ cygdrop /cygdrive/c/Windows/System32/whoami.exe /groups | grep Administrators BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group Here's what cygdrop -v says: $ cygdrop -v echo -n d S-1-5-32-544 [enabled] [default] gid=0(root) d SeIncreaseQuotaPrivilege d SeSecurityPrivilege ... exec 'echo' '-n' So cygdrop does drop the Administrators group (S-1-5-32-544). But then Administrators reappears after cygdrop execs the command. Is there some Windows security setting which could be causing this "undead Administrators" behavior to happen? (I'm using Windows 7) NOTE: I've redacted some info in cygcheck.out - always with XxXxXx, YyYyYy, or similar.
Attachment:
cygcheck.out
Description: Binary data
-- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |