* fork.cc (fork): Eliminate superfluous call to getuid().

* security.h: New define `NO_SID'. Remove declarations of functions
        moved to methods into class cygsid.
        (class cygsid): Declare new methods `getfromstr', `get_sid',
        `getfrompw', `getfromgr', `get_rid', `get_uid', `get_gid', `string'
        and new constructors and operators =, == and !=.
        Declare new global cygsids `well_known_XXX_sid' substituting the
        corresponding `get_XXX_sid' functions. Remove declarations of
        these functions.
        * sec_helper.cc (well_known_admin_sid): New global variable.
        (well_known_system_sid): Ditto
        (well_known_creator_owner_sid): Ditto
        (well_known_world_sid): Ditto
        (cygsid::string): New method, substituting `convert_sid_to_string_sid'.
        (cygsid::get_sid): New method, substituting `get_sid'.
        (cygsid::getfromstr): New method, substituting
        `convert_string_sid_to_sid'.
        (cygsid::getfrompw): New method, substituting `get_pw_sid'.
        (cygsid::getfromgr): New method, substituting `get_gr_sid'.
        (cygsid::get_id): New method, substituting `get_id_from_sid'.
        (get_admin_sid): Eliminated.
        (get_system_sid): Ditto.
        (get_creator_owner_sid): Ditto.
        (get_world_sid): Ditto.
        * grp.cc: Use new cygsid methods and well known sids throughout.
        * registry.cc: Ditto.
        * sec_acl.cc: Ditto.
        * security.cc: Ditto.
        * shared.cc: Ditto.
        * syscalls.cc (seteuid): Ditto. Eliminate redundant conditional.
        * uinfo.cc (internal_getlogin): Ditto.
        * spawn.cc (spawn_guts) Revert previous patch.
This commit is contained in:
Corinna Vinschen
2001-05-15 19:23:31 +00:00
parent 75f9ca7b0c
commit 2b0a111fcf
12 changed files with 179 additions and 161 deletions

View File

@@ -1984,9 +1984,12 @@ seteuid (uid_t uid)
if (!GetTokenInformation (cygheap->user.token, TokenUser,
&tsid, sizeof tsid, &siz))
debug_printf ("GetTokenInformation(): %E");
else if (get_pw_sid (psid, pw_new) && tsid != psid)
else if (psid.getfrompw (pw_new) && tsid != psid)
{
/* If not, RevertToSelf and close old token. */
char tstr[256], pstr[256];
debug_printf ("tsid (%s) != psid (%s)",
tsid.string (tstr), psid.string (pstr));
RevertToSelf ();
cygwin_set_impersonation_token (INVALID_HANDLE_VALUE);
}
@@ -2003,36 +2006,35 @@ seteuid (uid_t uid)
}
/* If no impersonation is active but an impersonation
token is available, try to impersonate. */
if (!cygheap->user.impersonated)
if (cygheap->user.token != INVALID_HANDLE_VALUE &&
!cygheap->user.impersonated)
{
debug_printf ("Impersonate (uid == %d)", uid);
RevertToSelf ();
if (cygheap->user.token != INVALID_HANDLE_VALUE)
{
struct group *gr;
/* Try setting owner to same value as user. */
if (!SetTokenInformation (cygheap->user.token,
TokenOwner,
&tsid, sizeof tsid))
debug_printf ("SetTokenInformation(user.token, "
"TokenOwner): %E");
/* Try setting primary group in token to current group. */
if ((gr = getgrgid (myself->gid)) &&
get_gr_sid (gsid, gr) &&
!SetTokenInformation (cygheap->user.token,
TokenPrimaryGroup,
&gsid, sizeof gsid))
debug_printf ("SetTokenInformation(user.token, "
"TokenPrimaryGroup): %E");
struct group *gr;
/* Now try to impersonate. */
if (!ImpersonateLoggedOnUser (cygheap->user.token))
system_printf ("Impersonating (%d) in set(e)uid "
"failed: %E", cygheap->user.token);
else
cygheap->user.impersonated = TRUE;
}
/* Try setting owner to same value as user. */
if (!SetTokenInformation (cygheap->user.token,
TokenOwner,
&tsid, sizeof tsid))
debug_printf ("SetTokenInformation(user.token, "
"TokenOwner): %E");
/* Try setting primary group in token to current group. */
if ((gr = getgrgid (myself->gid)) &&
gsid.getfromgr (gr) &&
!SetTokenInformation (cygheap->user.token,
TokenPrimaryGroup,
&gsid, sizeof gsid))
debug_printf ("SetTokenInformation(user.token, "
"TokenPrimaryGroup): %E");
/* Now try to impersonate. */
if (!ImpersonateLoggedOnUser (cygheap->user.token))
system_printf ("Impersonating (%d) in set(e)uid "
"failed: %E", cygheap->user.token);
else
cygheap->user.impersonated = TRUE;
}
}
@@ -2084,7 +2086,7 @@ setegid (gid_t gid)
cygsid gsid;
HANDLE ptok;
if (get_gr_sid (gsid, gr))
if (gsid.getfromgr (gr))
{
if (!OpenProcessToken (GetCurrentProcess (),
TOKEN_ADJUST_DEFAULT,