win_pageant fails when running as Administrator and PAgeant is running as UAC-limited account #98
I've adopted Windows 8, which is much more aggressive about requiring UAC (i.e. some apps refuse to run unless UAC is enabled). As a result, I've started using UAC, and I'm running into issues with interprocess communication, such as win_pageant uses for communicating with PAgeant. This is one such issue.
When one invokes win_pagent when running as Administrator (but with PAgeant running as the UAC limited user), it fails to communicate with the process:
Run the same command in the same environment, but as a limited user, and it does not fail. Reverse the roles (run ssh.agent.Agent in a limited context with PAgeant as an Administrator), and it fails similarly.
I've confirmed that pscp (PuTTY's implementation of scp) is able to get keys from the PAgeant even in this situation (where pscp is running as Administrator but PAgeant is not). Therefore, it should be possible for the ssh library to do the same.
I expect I own this ticket, so I will investigate. Any tips appreciated.
The text was updated successfully, but these errors were encountered:
…file used to communicate with PAgeant (per issue paramiko#98).
I've started work on this in this issue in this branch. It appears as if quite a bit of functionality will need to be implemented in C or c-types or called from pywin32, because mmap doesn't provide an interface for specifying the security identifier (SID), and the reference implementation makes quite a few API calls in order to implement creating the memory-mapped file under the user's own SID.
…er (rather than the default) to avoid permissions failures when the client and the agent run in different UAC contexts. Fixes paramiko#98.