在MS Windows平台上,与基于Unix的平台上的SUID等效,我有哪些选择? [英] What choices do I have on MS Windows platforms for the equivalent of SUID from Unix-based platforms?
问题描述
要理解我的要求,重要的是要区分Unix中SUID的几种用法.
To understand what I'm asking, it's important to distinguish from among the several uses of SUID in Unix.
我有一个项目,该项目在用户的PATH中使用可执行文件,该文件由该项目拥有,并且其SUID位置1.这样,当它运行时,它将在文件所有者而不是调用用户的上下文中运行.这样,它就可以访问用户没有的权限,从而可以通过常规的文件系统保护来保护这些权限免受用户的侵害.这工作得相当好.计划是将项目迁移到客户端-服务器体系结构,但这将需要一些时间.同时,如何在Windows系统上复制这种行为?
I have a project that uses an executable in the user's PATH which is owned by the project and which has the SUID bit set. In this way, when it runs, it runs in the context of the file's owner, not the calling user. This way, it has access to things that the user does not, and thereby these things are protected from the user by normal file system protections. This works reasonably well. Plans are to move the project to a client-server architecture but that's going to take some time. In the mean time, how can I replicate this type of behavior on Windows systems?
请注意,坦率地说,项目的可执行文件不会调用SETUID库调用,在我看来,考虑到项目的作用,这将是一个很棒的功能.该项目不需要系统根特权.首先要考虑的安全问题是它需要保护自己的文件免受用户(文件所有者以外的任何用户)的侵害,并且如果它能够切换到用户上下文"来访问文件,那将非常好.系统,就好像是主叫用户一样. (通过这种方式,它可以更轻松地确定该项目可以触摸哪些项目,可以触摸哪些项目.)
Note that the project's executables do not call the SETUID library call though, frankly, that would be a great feature to add, in my opinion, given what the project does. The project does not need system root privileges. It's first security concern is that it needs to protect its own files from the user (which is simply any user other than the file owner) and it would be very nice if it had the ability to switch to "user context" to access the file system as if it were the calling user. (In this way, it could more easily determine what is OK for the project to touch and what is not.)
该项目是用C和Java组合编写的-具有SUID设置的C程序将调用Java代码...
The project is written in a combination of C and Java - a C program with SUID set calls the Java code...
我热衷于了解所有这些机制,并且特别关注那些机制:
I am keen to know all such mechanisms, and am especially focused on those which are:
- 适用于C和Java,并且;
- 易于为非Windows程序员实施,并且
- 需要最少的Windows唯一编码.
如果某些解决方案更优越,请分享您对此方面所知的想法.
If some solutions are superior, please share your thoughts on whatever you are aware of in this regard.
注意:
- LogonUser:需要纯文本密码.怎么可能是答案?
- 运行方式:要求在提示"中输入密码! ...与LogonUser一样,只会更糟;我看不出这是什么答案.
推荐答案
Cygwin has an excellent discussion on how they do this without requiring the user password here: Using Windows security in Cygwin
基本上,他们安装了自定义LSA身份验证程序包,该程序包无需密码即可提供安全令牌.作为后备,未安装身份验证包时,他们将使用未记录的NtCreateToken API.
Basically they install a custom LSA authentication package that provides security tokens without requiring a password. As a fallback, when the authentication package is not installed, they use the undocumented NtCreateToken API.
想要模拟的应用程序可以在调用Java之前先进行cygwin setuid调用.
An application wanting to impersonate could make a cygwin setuid call before calling java.
这篇关于在MS Windows平台上,与基于Unix的平台上的SUID等效,我有哪些选择?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
