Date: Tue, 10 Jul 2001 00:50:08 +0200
From: Luke Kenneth Casson Leighton
To: Sander Striker
Cc: rbb@covalent.net, Cliff Woolley, dev@apr.apache.org
Subject: Re: exploration of APR goes on
Message-ID: <20010710005008.L18140@angua.rince.de>
References: <20010710001411.G18140@angua.rince.de>

On Tue, Jul 10, 2001 at 12:49:38AM +0200, Sander Striker wrote:
> > > > so there's no means to obtain _current_ user id of running
> > > > process, only a lookup from a username (or userid).
> > >
> > > Not yet. Nobody has needed that ability so far. Feel free to implement
> > > it though. APR follows a VERY simple rule. We don't implement a feature
> > > until it is needed. :-)
> >
> > ack!
> >
> > > One warning, I have no idea how this would work on Windows. In order for
> > > this to really be useful, we have to figure that piece out.
> >
> > yep.
> >
> > i mean, i can get away with getenv('USER') and to be honest, it
> > doesn't bother me. it might bother other people though.
> >
> > btw, just so you know: i know it _is_ possible else how would
> > cygwin work?
> >
> > .... and i do know that jeremy had a hell of a time getting setuid()
> > to work. it's almost impossible: none of the published APIs
> > describe how to do it. you can 'impersonate' an existing context
> > e.g. ImpersonateNamedPipeClient or similar but you can't
> > actually do a sudo. okay, it's been done, recently, and there
> > does exist SU.EXE, but still.... :)
>
> Check out:
>
> LogonUser -
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/hh/winbase/accclsrv_9cfm.asp
>
> ImpersonateLoggedOnUser -
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/hh/winbase/accclsrv_0jle.asp
>
> Maybe that can do the trick?

don't know about LogonUser. yes i do: it has to have a password.

ImpersonateLoggedOnUser? same thing as ImpersonateNamedPipeClient.
i.e. you can only impersonate an existing user IF you have a handle
to that user.

there is no published public API to *create* a new user context.
it's buried. i think the ntinternals, the bindview or other
security people have probably found an 'undocumented' API,
but that's not the sort of thing you put into something like
APR.

luke
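
Added example, not part of this thread and not APR code: on POSIX the current user of the running process can be resolved from the effective uid instead of getenv("USER"), which is set by whoever launched the process and so cannot back an identity decision. The helper names current_user_name and env_user_matches are hypothetical, and the Windows case discussed above is not covered.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not an APR function: copy the login name for the
 * process's effective uid into buf. Returns 0 on success, -1 when the uid
 * has no passwd entry (common in containers) or buf is too small. */
int current_user_name(char *buf, size_t len)
{
    struct passwd pw, *res = NULL;
    char scratch[4096];

    if (getpwuid_r(geteuid(), &pw, scratch, sizeof scratch, &res) != 0 || res == NULL)
        return -1;
    if (strlen(res->pw_name) >= len)
        return -1;
    strcpy(buf, res->pw_name);
    return 0;
}

/* Compare $USER with the kernel-backed answer: 1 = agree, 0 = unset or
 * different (do not trust it), -1 = uid could not be resolved. */
int env_user_matches(void)
{
    char name[256];
    const char *env = getenv("USER");

    if (current_user_name(name, sizeof name) != 0)
        return -1;
    return env != NULL && strcmp(env, name) == 0;
}

int main(void)
{
    char name[256];

    if (current_user_name(name, sizeof name) == 0)
        printf("euid %ld is %s; $USER %s\n", (long)geteuid(), name,
               env_user_matches() == 1 ? "agrees" : "is unset or differs");
    else
        printf("euid %ld has no passwd entry\n", (long)geteuid());
    return 0;
}
```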