diff options
author | Corinna Vinschen <corinna@vinschen.de> | 2003-02-03 15:55:20 +0000 |
---|---|---|
committer | Corinna Vinschen <corinna@vinschen.de> | 2003-02-03 15:55:20 +0000 |
commit | 153e83c605ece91e9b7e6b15a30591ca218fb9c9 (patch) | |
tree | 6e8caf65d4f144c412e9436dbce61ed7fe0fe8c6 /winsup/cygwin/sec_helper.cc | |
parent | f0f3ea68f3b3e3a7b9e21eee2572a0d69ea4d563 (diff) | |
download | newlib-153e83c605ece91e9b7e6b15a30591ca218fb9c9.zip newlib-153e83c605ece91e9b7e6b15a30591ca218fb9c9.tar.gz newlib-153e83c605ece91e9b7e6b15a30591ca218fb9c9.tar.bz2 |
* security.h: Add third argument to set_process_privilege.
* autoload.cc: Add OpenThreadToken.
* sec_helper.cc (set_process_privilege): Add and use use_thread
argument.
* security.cc (alloc_sd): Modify call to set_process_privilege.
Remember the result in each process. If failed and file owner is not
the user, fail.
Diffstat (limited to 'winsup/cygwin/sec_helper.cc')
-rw-r--r-- | winsup/cygwin/sec_helper.cc | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc index 86389da..9c49c0a 100644 --- a/winsup/cygwin/sec_helper.cc +++ b/winsup/cygwin/sec_helper.cc @@ -294,7 +294,7 @@ got_it: #endif //unused int -set_process_privilege (const char *privilege, BOOL enable) +set_process_privilege (const char *privilege, bool enable, bool use_thread) { HANDLE hToken = NULL; LUID restore_priv; @@ -302,8 +302,12 @@ set_process_privilege (const char *privilege, BOOL enable) int ret = -1; DWORD size; - if (!OpenProcessToken (hMainProc, TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, - &hToken)) + if ((use_thread + && !OpenThreadToken (GetCurrentThread (), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, + 0, &hToken)) + ||(!use_thread + && !OpenProcessToken (hMainProc, TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, + &hToken))) { __seterrno (); goto out; @@ -329,7 +333,6 @@ set_process_privilege (const char *privilege, BOOL enable) be enabled. GetLastError () returns an correct error code, though. */ if (enable && GetLastError () == ERROR_NOT_ALL_ASSIGNED) { - debug_printf ("Privilege %s couldn't be assigned", privilege); __seterrno (); goto out; } |