JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

* include/sys/cygwin.h: Add new cygwin_getinfo_type

Browse Source 
CW_SET_EXTERNAL_TOKEN.
	Add new enum CW_TOKEN_IMPERSONATION, CW_TOKEN_RESTRICTED.
	* cygheap.h (cyguser): New flags ext_token_is_restricted,
	curr_token_is_restricted and setuid_to_restricted.
	* external.cc (cygwin_internal): Add CW_SET_EXTERNAL_TOKEN.
	* sec_auth.cc (set_imp_token): New function.
	(cygwin_set_impersonation_token): Call set_imp_token ().
	* security.h (set_imp_token): New prototype.
	* spawn.cc (spawn_guts): Use CreateProcessAsUserW if restricted token
	was enabled by setuid().  Do not create new window station in this case.
	* syscalls.cc (seteuid32): Add handling of restricted external tokens.
	Set HANDLE_FLAG_INHERIT for primary token.
	(setuid32): Set setuid_to_restricted flag.
	* uinfo.cc (uinfo_init): Do not reimpersonate if restricted token was
	enabled by setuid ().  Initialize user.*_restricted flags.
This commit is contained in:
Corinna Vinschen
2009-10-13 10:23:31 +00:00
parent 6c41e710c9
commit 0191627a26
9 changed files with 122 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
winsup/cygwin/uinfo.cc
View File

@@ -136,7 +136,8 @@ uinfo_init ()
else if (cygheap->user.issetuid ()
&& cygheap->user.saved_uid == cygheap->user.real_uid
&& cygheap->user.saved_gid == cygheap->user.real_gid
&& !cygheap->user.groups.issetgroups ())
&& !cygheap->user.groups.issetgroups ()
&& !cygheap->user.setuid_to_restricted)
{
cygheap->user.reimpersonate ();
return;
@@ -150,6 +151,9 @@ uinfo_init ()
cygheap->user.internal_token = NO_IMPERSONATION;
cygheap->user.curr_primary_token = NO_IMPERSONATION;
cygheap->user.curr_imp_token = NO_IMPERSONATION;
cygheap->user.ext_token_is_restricted = false;
cygheap->user.curr_token_is_restricted = false;
cygheap->user.setuid_to_restricted = false;
cygheap->user.set_saved_sid (); /* Update the original sid */
cygheap->user.reimpersonate ();
}