Re: Filtered tokens

2010-04-27 Thread Corinna Vinschen
On Apr 27 10:14, Patrick Julien wrote: > On Tue, Apr 27, 2010 at 9:58 AM, Corinna Vinschen > > The basic problem is that Cygwin doesn't constitute a remote desktop > > logon server.  A session can only be created by a trusted logon process. > > There isn;'t a simple API to request a new session ID.

Re: Filtered tokens

2010-04-27 Thread Patrick Julien
On Tue, Apr 27, 2010 at 9:58 AM, Corinna Vinschen wrote: > On Apr 27 09:33, Patrick Julien wrote: >> On Tue, Apr 27, 2010 at 9:26 AM, Corinna Vinschen >> wrote: >> > On Apr 27 08:39, Patrick Julien wrote: >> >> OK, I understand why it's the privileged token but why is it still in >> >> session 0

Re: Filtered tokens

2010-04-27 Thread Patrick Julien
On Tue, Apr 27, 2010 at 9:58 AM, Corinna Vinschen wrote: > On Apr 27 09:33, Patrick Julien wrote: >> On Tue, Apr 27, 2010 at 9:26 AM, Corinna Vinschen >> wrote: >> > On Apr 27 08:39, Patrick Julien wrote: >> >> OK, I understand why it's the privileged token but why is it still in >> >> session 0

Re: Filtered tokens

2010-04-27 Thread Corinna Vinschen
On Apr 27 09:33, Patrick Julien wrote: > On Tue, Apr 27, 2010 at 9:26 AM, Corinna Vinschen > wrote: > > On Apr 27 08:39, Patrick Julien wrote: > >> OK, I understand why it's the privileged token but why is it still in > >> session 0? > > > > Because it's started in session 0.  Creating our own se

Re: Filtered tokens

2010-04-27 Thread Patrick Julien
On Tue, Apr 27, 2010 at 9:26 AM, Corinna Vinschen wrote: > On Apr 27 08:39, Patrick Julien wrote: >> OK, I understand why it's the privileged token but why is it still in >> session 0? > > Because it's started in session 0.  Creating our own session for each user > could result in an enormous mem

Re: Filtered tokens

2010-04-27 Thread Corinna Vinschen
On Apr 27 08:39, Patrick Julien wrote: > OK, I understand why it's the privileged token but why is it still in session > 0? Because it's started in session 0. Creating our own session for each user could result in an enormous memory leak. > Also, it doesn't really explain why the files are all

Re: Filtered tokens

2010-04-27 Thread Patrick Julien
have read the page found at >> http://www.cygwin.com/cygwin-ug-net/ntsec.html but I still see the >> following 2 issues with filtered tokens as implemented by Vista/7 when >> used by cygwin. >> >> When I say filtered tokens, I'm talking about the dual token strate

Re: Filtered tokens

2010-04-27 Thread Corinna Vinschen
On Apr 26 15:34, Patrick Julien wrote: > I have read the page found at > http://www.cygwin.com/cygwin-ug-net/ntsec.html but I still see the > following 2 issues with filtered tokens as implemented by Vista/7 when > used by cygwin. > > When I say filtered tokens, I'm talki

Filtered tokens

2010-04-26 Thread Patrick Julien
I have read the page found at http://www.cygwin.com/cygwin-ug-net/ntsec.html but I still see the following 2 issues with filtered tokens as implemented by Vista/7 when used by cygwin. When I say filtered tokens, I'm talking about the dual token strategy these systems use to keep administr