* sec_helper.cc (cygsid::get_id): If the sid matches a sid stored in
cygheap->user, return the uid or gid from myself. * security.cc (alloc_sd): If gid == myself->gid, return the group sid from cygheap->user. Remove the test for uid == original_uid, which is counter-productive.
This commit is contained in:
@@ -1,3 +1,11 @@
|
|||||||
|
2002-10-22 Pierre Humblet <pierre.humblet@ieee.org>
|
||||||
|
|
||||||
|
* sec_helper.cc (cygsid::get_id): If the sid matches a sid stored in
|
||||||
|
cygheap->user, return the uid or gid from myself.
|
||||||
|
* security.cc (alloc_sd): If gid == myself->gid, return the group sid
|
||||||
|
from cygheap->user. Remove the test for uid == original_uid, which is
|
||||||
|
counter-productive.
|
||||||
|
|
||||||
2002-10-22 Christopher Faylor <cgf@redhat.com>
|
2002-10-22 Christopher Faylor <cgf@redhat.com>
|
||||||
|
|
||||||
* cygheap.cc (cygheap_fixup_in_child): Use user_heap element in
|
* cygheap.cc (cygheap_fixup_in_child): Use user_heap element in
|
||||||
|
@@ -162,6 +162,9 @@ cygsid::get_id (BOOL search_grp, int *type)
|
|||||||
if (!search_grp)
|
if (!search_grp)
|
||||||
{
|
{
|
||||||
struct passwd *pw;
|
struct passwd *pw;
|
||||||
|
if (EqualSid(psid, cygheap->user.sid ()))
|
||||||
|
id = myself->uid;
|
||||||
|
else
|
||||||
for (int pidx = 0; (pw = internal_getpwent (pidx)); ++pidx)
|
for (int pidx = 0; (pw = internal_getpwent (pidx)); ++pidx)
|
||||||
{
|
{
|
||||||
if (sid.getfrompw (pw) && sid == psid)
|
if (sid.getfrompw (pw) && sid == psid)
|
||||||
@@ -180,6 +183,9 @@ cygsid::get_id (BOOL search_grp, int *type)
|
|||||||
if (search_grp || type)
|
if (search_grp || type)
|
||||||
{
|
{
|
||||||
struct __group32 *gr;
|
struct __group32 *gr;
|
||||||
|
if (cygheap->user.groups.pgsid == psid)
|
||||||
|
id = myself->gid;
|
||||||
|
else
|
||||||
for (int gidx = 0; (gr = internal_getgrent (gidx)); ++gidx)
|
for (int gidx = 0; (gr = internal_getgrent (gidx)); ++gidx)
|
||||||
{
|
{
|
||||||
if (sid.getfromgr (gr) && sid == psid)
|
if (sid.getfromgr (gr) && sid == psid)
|
||||||
|
@@ -1536,9 +1536,7 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
|
|||||||
/* Check for current user first */
|
/* Check for current user first */
|
||||||
if (uid == myself->uid)
|
if (uid == myself->uid)
|
||||||
owner_sid = cygheap->user.sid ();
|
owner_sid = cygheap->user.sid ();
|
||||||
else if (uid == cygheap->user.orig_uid)
|
else
|
||||||
owner_sid = cygheap->user.orig_sid ();
|
|
||||||
if (!owner_sid)
|
|
||||||
{
|
{
|
||||||
/* Otherwise retrieve user data from /etc/passwd */
|
/* Otherwise retrieve user data from /etc/passwd */
|
||||||
struct passwd *pw = getpwuid32 (uid);
|
struct passwd *pw = getpwuid32 (uid);
|
||||||
@@ -1559,12 +1557,17 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
|
|||||||
|
|
||||||
/* Get SID of new group. */
|
/* Get SID of new group. */
|
||||||
cygsid group_sid (NO_SID);
|
cygsid group_sid (NO_SID);
|
||||||
|
/* Check for current user first */
|
||||||
|
if (gid == myself->gid)
|
||||||
|
group_sid = cygheap->user.groups.pgsid;
|
||||||
|
else
|
||||||
|
{
|
||||||
struct __group32 *grp = getgrgid32 (gid);
|
struct __group32 *grp = getgrgid32 (gid);
|
||||||
if (!grp)
|
if (!grp)
|
||||||
debug_printf ("no /etc/group entry for %d", gid);
|
debug_printf ("no /etc/group entry for %d", gid);
|
||||||
else if (!group_sid.getfromgr (grp))
|
else if (!group_sid.getfromgr (grp))
|
||||||
debug_printf ("no SID for group %d", gid);
|
debug_printf ("no SID for group %d", gid);
|
||||||
|
}
|
||||||
/* Initialize local security descriptor. */
|
/* Initialize local security descriptor. */
|
||||||
SECURITY_DESCRIPTOR sd;
|
SECURITY_DESCRIPTOR sd;
|
||||||
PSECURITY_DESCRIPTOR psd = NULL;
|
PSECURITY_DESCRIPTOR psd = NULL;
|
||||||
|
Reference in New Issue
Block a user