aboutsummaryrefslogtreecommitdiff
path: root/winsup/cygwin
diff options
context:
space:
mode:
Diffstat (limited to 'winsup/cygwin')
-rw-r--r--winsup/cygwin/ChangeLog7
-rw-r--r--winsup/cygwin/security.cc19
2 files changed, 20 insertions, 6 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 90bbd21..ae5e1f5 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,4 +1,9 @@
-2005-06-06 Corinna Vinschen <corinna@vinschen.de>
+2005-06-08 Corinna Vinschen <corinna@vinschen.de>
+
+ * security.cc (cygwin_logon_user): Run LogonUser in the primary
+ process token context. Fix potential handle leak.
+
+2005-06-07 Corinna Vinschen <corinna@vinschen.de>
* pinfo.cc (pinfo::init): Define sa_buf as PSECURITY_ATTRIBUTES and
allocate dynamically.
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index aa961c9..c589513 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -124,17 +124,26 @@ cygwin_logon_user (const struct passwd *pw, const char *password)
extract_nt_dom_user (pw, nt_domain, nt_user);
debug_printf ("LogonUserA (%s, %s, %s, ...)", nt_user, nt_domain, password);
+ /* CV 2005-06-08: LogonUser should run under the primary process token,
+ otherwise it returns with ERROR_ACCESS_DENIED on W2K. Don't ask me why. */
+ RevertToSelf ();
if (!LogonUserA (nt_user, *nt_domain ? nt_domain : NULL, (char *) password,
LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT,
- &hToken)
- || !SetHandleInformation (hToken,
- HANDLE_FLAG_INHERIT,
- HANDLE_FLAG_INHERIT))
+ &hToken))
{
__seterrno ();
- return INVALID_HANDLE_VALUE;
+ hToken = INVALID_HANDLE_VALUE;
+ }
+ else if (!SetHandleInformation (hToken,
+ HANDLE_FLAG_INHERIT,
+ HANDLE_FLAG_INHERIT))
+ {
+ __seterrno ();
+ CloseHandle (hToken);
+ hToken = INVALID_HANDLE_VALUE;
}
+ cygheap->user.reimpersonate ();
debug_printf ("%d = logon_user(%s,...)", hToken, pw->pw_name);
return hToken;
}
generated by cgit v1.1 at 2024-11-15 19:16:36 +0000