Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
a
AP
01/07/2021, 7:33 PMMay I ask to point me to the engineer working on https://github.com/osquery/osquery/pull/6875/files/5bff4e1a7e9e1e4404f8c496d14c173a972abba6?
z
zwass
01/07/2021, 7:39 PMThat's @Mike Myers
m
Mike Myers
01/07/2021, 7:40 PMYea I'm going to get back to that today
It should be possible to do what Teddy is asking for, but changing the Trustee on the first ACE to "Creator Owner" didn't have the desired effect. The extension was getting 'access denied', despite the pipe being supposedly RW for the user that invoked
osqueryiSo, I have to figure out why that is
a
AP
01/08/2021, 6:42 PM@Mike Myers I have example of code that reads account ACL under which osqueryd running and assigns to named pipe. I can share with you if you like this way. Please let me know
m
Mike Myers
01/08/2021, 7:00 PMYes, I would be interested in this. I was trying to avoid writing code for fetching the user's SID, but I was not successful yet in using a well-known SID string.
Hey @AP I merged the fix already so thanks but I'm good now
a
AP
01/13/2021, 9:23 PMups, sorry, did not see this message earlier.