Change well_known_admin_sid to well_known_admins_sid throughout.

* sec_acl.cc (setacl): Never set DELETE permission. Set
        FILE_DELETE_CHILD only on readable and executable directories.
        * sec_helper.cc: Add constructor for `well_known_null_sid'.
        * security.cc (get_nt_attribute): Set S_ISVTX for directories if
        FILE_WRITE_DATA and FILE_EXECUTE but not FILE_DELETE_CHILD is set.
        Add evaluation of S_ISVTX, S_ISGID and S_ISUID from NULL ACE.
        (alloc_sd): Never set DELETE permission. Set FILE_DELETE_CHILD
        only on readable and executable directories.
        Add creation of NULL ACE for S_ISVTX, S_ISGID and S_ISUID permissions.
        * security.h: Add extern declaration for `well_known_null_sid'.
This commit is contained in:
Corinna Vinschen
2001-07-15 22:40:07 +00:00
parent 4c61c04cd3
commit 3a157c0d0d
7 changed files with 73 additions and 35 deletions

View File

@@ -249,7 +249,7 @@ sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
size_t acl_len = sizeof (ACL)
+ 4 * (sizeof (ACCESS_ALLOWED_ACE) - sizeof (DWORD))
+ GetLengthSid (sid)
+ GetLengthSid (well_known_admin_sid)
+ GetLengthSid (well_known_admins_sid)
+ GetLengthSid (well_known_system_sid)
+ GetLengthSid (well_known_creator_owner_sid);
if (sid2)
@@ -266,7 +266,7 @@ sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
if (! AddAccessAllowedAce (acl, ACL_REVISION,
SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL,
well_known_admin_sid))
well_known_admins_sid))
debug_printf ("AddAccessAllowedAce(admin) %E");
if (! AddAccessAllowedAce (acl, ACL_REVISION,