May I ask to point me to the engineer working on <...
# windowsa
AP
01/07/2021, 7:33 PMMay I ask to point me to the engineer working on https://github.com/osquery/osquery/pull/6875/files/5bff4e1a7e9e1e4404f8c496d14c173a972abba6?
z
zwass
01/07/2021, 7:39 PM
That's @Mike Myers
m
Mike Myers
01/07/2021, 7:40 PMYea I'm going to get back to that today
Mike Myers
01/07/2021, 7:42 PMIt should be possible to do what Teddy is asking for, but changing the Trustee on the first ACE to "Creator Owner" didn't have the desired effect. The extension was getting 'access denied', despite the pipe being supposedly RW for the user that invoked
osqueryiMike Myers
01/07/2021, 7:42 PMSo, I have to figure out why that is
a
AP
01/08/2021, 6:42 PM@Mike Myers I have example of code that reads account ACL under which osqueryd running and assigns to named pipe. I can share with you if you like this way. Please let me know
m
Mike Myers
01/08/2021, 7:00 PMYes, I would be interested in this. I was trying to avoid writing code for fetching the user's SID, but I was not successful yet in using a well-known SID string.
Mike Myers
01/13/2021, 6:07 PMHey @AP I merged the fix already so thanks but I'm good now
a
AP
01/13/2021, 9:23 PMups, sorry, did not see this message earlier.
2 Views