The eternal uid issue

Thu Jul 24 13:52:00 GMT 2014

On Jul 24 08:52, D. Boland wrote:
> In your previous mail, you propose the following function to check for 'root'
> privileges, which an upstream maintainer could put in his code:
>> int
> is_admin (uid_t uid)
> {
> #ifdef __CYGWIN__
> return [getgrouplist(uid, ...) contains group 544];
> #else [other platform]
> return [different test];
> #else
> return uid == 0;
> #endif
> }
>> But this only introduces a new function which she has to put into multiple locations
> of the original code. So again, why not just modify the 'getuid' function in
> cygwin1.dll to return '0' if the current user is actually SYSTEM or one of the
> administrators?
>> Then you have rock-solid emulation. I would not have to modify a single line of
> code.

You're kidding, right? What about code like this:
 struct stat st;
 stat("foo", &st);
 if (st.st_uid != getuid ())
 /*error*/
 else
 /*do something*/
I'm not saying that this is overly elegant coding, but just as you
expect that getuid() returns 0 for any admin, other applications will
expect that getuid() reflects reality.
Why don't you just override getuid in your application to serve the
applications needs?
 #ifdef __CYGWIN__
 #define getuid()	CYG_getuid()
 #endif
 [...]
 #ifdef __CYGWIN__
 #undef getuid
 uid_t
 CYG_getuid ()
 {
 /* Return 0 for any admin user. */
 if (/*getgroups() contains group 544*/)
 return 0;
 return getuid ();
 }
But be careful. Just because there are multiple users with admin
permissions, that doesn't mean they all want their mail in the same
mailbox for user 0...
Corinna
-- 
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20140724/9fd6778c/attachment.sig>