cygwin.com/git/newlib-cygwin.git
author: Corinna Vinschen <corinna@vinschen.de> 2006-12-12 19:27:32 +0300
committer: Corinna Vinschen <corinna@vinschen.de> 2006-12-12 19:27:32 +0300
commit: 5684cfebba943eb10d16216a16793d464c1b2a1d
tree: f88d165d561e9ad345c8893c32a422d1ac3a0f3a /winsup/cygwin/security.cc
parent: 815122d8428527e170c0090ed134d18081d1054d
Partially revert change from 2005-04-03, always running under an impersonation token, which collides with Vista UAC.

* cygheap.h (deimpersonate): revert to self instead of impersonating hProcImpToken.
(reimpersonate): Only impersonate if setuid.
* dcrt0.cc (dll_crt0_0): Don't initialize hProcImpToken here.
(dll_crt0_1): Set privileges on hProcToken.
* fork.cc (frok::child): Set privileges on hProcToken. Close handle to hProcImpToken.
* grp.cc (internal_getgroups): Use hProcToken instead of hProcImpToken.
* security.cc (check_access): Create hProcImpToken on demand here.
* security.h (set_process_privilege): Set privileges on hProcToken.
(_push_thread_privilege): Use hProcToken instead of hProcImpToken.
(pop_thread_privilege): If not setuid'ed, revert to self.
* syscalls.cc (setegid32): Drop setting primary group on hProcImpToken. Close handle to hProcImpToken.
* uinfo.cc (internal_getlogin): Ditto.
* winsup.h (clear_procimptoken): New inline function.
Diffstat (limited to 'winsup/cygwin/security.cc')
-rw-r--r-- winsup/cygwin/security.cc 11
1 files changed, 11 insertions, 0 deletions
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index c5a8f5ca3..d25e3c68b 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -2129,6 +2129,17 @@ check_access (security_descriptor &sd, GENERIC_MAPPING &mapping,
HANDLE tok = cygheap->user.issetuid () ? cygheap->user.token ()
: hProcImpToken;
+ if (!tok && !DuplicateTokenEx (hProcToken, MAXIMUM_ALLOWED, NULL,
+ SecurityImpersonation, TokenImpersonation,
+ &hProcImpToken))
+#ifdef DEBUGGING
+ system_printf ("DuplicateTokenEx failed, %E");
+#else
+ syscall_printf ("DuplicateTokenEx failed, %E");
+#endif
+ else
+ tok = hProcImpToken;
+
if (!AccessCheck (sd, tok, desired, &mapping, pset, &plen, &granted, &status))
__seterrno ();
else if (!status)
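Review bot: The `else` that follows the `#ifdef DEBUGGING` block pairs with the combined condition `!tok && !DuplicateTokenEx (...)`, so `tok = hProcImpToken;` also runs when `tok` was already non-NULL. In the setuid case that replaces `cygheap->user.token ()` with `hProcImpToken`, which is now only created on demand, so `AccessCheck` can end up running against a NULL handle or against a copy of `hProcToken` instead of the setuid user's token. Suggest testing `if (!tok)` on its own and, inside that block, calling `DuplicateTokenEx` and assigning `tok = hProcImpToken` only when it succeeds. A short comment would also help here, stating that `hProcImpToken` is created lazily in `check_access` and that on `DuplicateTokenEx` failure `tok` stays NULL and the code still falls through to `AccessCheck`.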