aboutsummaryrefslogtreecommitdiff
path: root/winsup/cygwin/shared.cc
diff options
context:
space:
mode:
authorCorinna Vinschen <corinna@vinschen.de>2002-05-13 12:10:49 +0000
committerCorinna Vinschen <corinna@vinschen.de>2002-05-13 12:10:49 +0000
commit043bc3e1eea5042ef269f4f2b6aa6cb760b23fcd (patch)
tree997ee8941dbdca2d08d87c4d14fd98737c658ee3 /winsup/cygwin/shared.cc
parent6eabab557a557abd532eb8f1b089c7814950b37f (diff)
downloadnewlib-043bc3e1eea5042ef269f4f2b6aa6cb760b23fcd.zip
newlib-043bc3e1eea5042ef269f4f2b6aa6cb760b23fcd.tar.gz
newlib-043bc3e1eea5042ef269f4f2b6aa6cb760b23fcd.tar.bz2
* shared.cc (__sec_user): Split into sec_acl() and call orig_sid().
(sec_acl): Create from part of __sec_user(), except creator/owner. * security.h: Define sec_acl() and MAX_DACL_LEN.
Diffstat (limited to 'winsup/cygwin/shared.cc')
-rw-r--r--winsup/cygwin/shared.cc77
1 files changed, 35 insertions, 42 deletions
diff --git a/winsup/cygwin/shared.cc b/winsup/cygwin/shared.cc
index 5f1bc1f..a1ad5e8 100644
--- a/winsup/cygwin/shared.cc
+++ b/winsup/cygwin/shared.cc
@@ -236,6 +236,39 @@ get_null_sd ()
return null_sdp;
}
+BOOL
+sec_acl (PACL acl, BOOL admins, PSID sid1, PSID sid2)
+{
+ size_t acl_len = MAX_DACL_LEN(5);
+
+ if (!InitializeAcl (acl, acl_len, ACL_REVISION))
+ {
+ debug_printf ("InitializeAcl %E");
+ return FALSE;
+ }
+ if (sid2)
+ if (!AddAccessAllowedAce (acl, ACL_REVISION,
+ GENERIC_ALL, sid2))
+ debug_printf ("AddAccessAllowedAce(sid2) %E");
+ if (sid1)
+ if (!AddAccessAllowedAce (acl, ACL_REVISION,
+ GENERIC_ALL, sid1))
+ debug_printf ("AddAccessAllowedAce(sid1) %E", sid1);
+ if (admins)
+ if (!AddAccessAllowedAce (acl, ACL_REVISION,
+ GENERIC_ALL, well_known_admins_sid))
+ debug_printf ("AddAccessAllowedAce(admin) %E");
+ if (!AddAccessAllowedAce (acl, ACL_REVISION,
+ GENERIC_ALL, well_known_system_sid))
+ debug_printf ("AddAccessAllowedAce(system) %E");
+#if 0 /* Does not seem to help */
+ if (!AddAccessAllowedAce (acl, ACL_REVISION,
+ GENERIC_ALL, well_known_creator_owner_sid))
+ debug_printf ("AddAccessAllowedAce(creator_owner) %E");
+#endif
+ return TRUE;
+}
+
PSECURITY_ATTRIBUTES __stdcall
__sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
{
@@ -246,50 +279,10 @@ __sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
cygsid sid;
- if (cygheap->user.sid ())
- sid = cygheap->user.sid ();
- else if (!lookup_name (getlogin (), cygheap->user.logsrv (), sid))
+ if (!(sid = cygheap->user.orig_sid ()) ||
+ (!sec_acl (acl, TRUE, sid, sid2)))
return inherit ? &sec_none : &sec_none_nih;
- size_t acl_len = sizeof (ACL)
- + 4 * (sizeof (ACCESS_ALLOWED_ACE) - sizeof (DWORD))
- + GetLengthSid (sid)
- + GetLengthSid (well_known_admins_sid)
- + GetLengthSid (well_known_system_sid)
- + GetLengthSid (well_known_creator_owner_sid);
- if (sid2)
- acl_len += sizeof (ACCESS_ALLOWED_ACE) - sizeof (DWORD)
- + GetLengthSid (sid2);
-
- if (!InitializeAcl (acl, acl_len, ACL_REVISION))
- debug_printf ("InitializeAcl %E");
-
- if (!AddAccessAllowedAce (acl, ACL_REVISION,
- SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL,
- sid))
- debug_printf ("AddAccessAllowedAce(%s) %E", getlogin ());
-
- if (!AddAccessAllowedAce (acl, ACL_REVISION,
- SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL,
- well_known_admins_sid))
- debug_printf ("AddAccessAllowedAce(admin) %E");
-
- if (!AddAccessAllowedAce (acl, ACL_REVISION,
- SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL,
- well_known_system_sid))
- debug_printf ("AddAccessAllowedAce(system) %E");
-
- if (!AddAccessAllowedAce (acl, ACL_REVISION,
- SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL,
- well_known_creator_owner_sid))
- debug_printf ("AddAccessAllowedAce(creator_owner) %E");
-
- if (sid2)
- if (!AddAccessAllowedAce (acl, ACL_REVISION,
- SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL,
- sid2))
- debug_printf ("AddAccessAllowedAce(sid2) %E");
-
if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION))
debug_printf ("InitializeSecurityDescriptor %E");