* security.cc (set_process_privileges): Swap out.

* sec_helper.cc (set_process_privilege): Rename from
        `set_process_privileges'. Takes the privilege to enable or disable
        as parameter now.
        * security.h: Add prototype for `set_process_privileges'.
Corinna Vinschen 2001-04-20 20:36:13 +00:00
parent b9815dc3dc
commit 3c8e92d9fc
4 changed files with 50 additions and 41 deletions


@ -1,3 +1,11 @@
Fri Apr 20 22:25:00 2001 Corinna Vinschen <corinna@vinschen.de>
* security.cc (set_process_privileges): Swap out.
* sec_helper.cc (set_process_privilege): Rename from
`set_process_privileges'. Takes the privilege to enable or disable
as parameter now.
* security.h: Add prototype for `set_process_privileges'.
2001-04-19 Egor Duda <deo@logos-m.ru>
* path.cc (path_conv::check): Always initialize member variables.


@ -397,3 +397,43 @@ got_it:
return TRUE;
}
int
set_process_privilege (const char *privilege, BOOL enable)
{
HANDLE hToken = NULL;
LUID restore_priv;
TOKEN_PRIVILEGES new_priv;
int ret = -1;
if (!OpenProcessToken (hMainProc, TOKEN_ADJUST_PRIVILEGES, &hToken))
{
__seterrno ();
goto out;
}
if (!LookupPrivilegeValue (NULL, privilege, &restore_priv))
{
__seterrno ();
goto out;
}
new_priv.PrivilegeCount = 1;
new_priv.Privileges[0].Luid = restore_priv;
new_priv.Privileges[0].Attributes = enable ? SE_PRIVILEGE_ENABLED : 0;
if (!AdjustTokenPrivileges (hToken, FALSE, &new_priv, 0, NULL, NULL))
{
__seterrno ();
goto out;
}
ret = 0;
out:
if (hToken)
CloseHandle (hToken);
syscall_printf ("%d = set_process_privilege (%s, %d)",ret, privilege, enable);
return ret;
}
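Review bot: `set_process_privilege` can return 0 even when the process token does not hold the requested privilege, because `AdjustTokenPrivileges` succeeds in that case and reports it only through `GetLastError () == ERROR_NOT_ALL_ASSIGNED`. A caller that trusts the return value would then continue as if the privilege were active. Extend the failure test to `if (!AdjustTokenPrivileges (hToken, FALSE, &new_priv, 0, NULL, NULL) || GetLastError () == ERROR_NOT_ALL_ASSIGNED)`; whether `__seterrno ()` maps that code to a useful errno is not visible here and should be confirmed. As a smaller point, the local `restore_priv` keeps its name from the SE_RESTORE_NAME-only version and would read better as `priv_luid` now that the privilege is a parameter.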


@ -182,7 +182,7 @@ write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size)
static BOOL first_time = TRUE;
if (first_time)
{
set_process_privileges ();
set_process_privilege (SE_RESTORE_NAME);
first_time = FALSE;
}
@ -245,46 +245,6 @@ write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size)
return 0;
}
int
set_process_privileges ()
{
HANDLE hToken = NULL;
LUID restore_priv;
TOKEN_PRIVILEGES new_priv;
int ret = -1;
if (!OpenProcessToken (hMainProc, TOKEN_ADJUST_PRIVILEGES, &hToken))
{
__seterrno ();
goto out;
}
if (!LookupPrivilegeValue (NULL, SE_RESTORE_NAME, &restore_priv))
{
__seterrno ();
goto out;
}
new_priv.PrivilegeCount = 1;
new_priv.Privileges[0].Luid = restore_priv;
new_priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
if (!AdjustTokenPrivileges (hToken, FALSE, &new_priv, 0, NULL, NULL))
{
__seterrno ();
goto out;
}
ret = 0;
out:
if (hToken)
CloseHandle (hToken);
syscall_printf ("%d = set_process_privileges ()", ret);
return ret;
}
static int
get_nt_attribute (const char *file, int *attribute,
uid_t *uidret, gid_t *gidret)
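Review bot: The result of `set_process_privilege (SE_RESTORE_NAME)` in write_sd's `first_time` block is discarded and `first_time` is cleared either way, so a failure to enable the privilege is never retried and is visible only in the `syscall_printf` trace. Consider `if (set_process_privilege (SE_RESTORE_NAME) == 0) first_time = FALSE;`, or at least a comment stating that the call is deliberately best-effort. write_sd starts and ends outside the hunk, so whether a later call in it surfaces the missing privilege as an error cannot be judged from here.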


@ -45,6 +45,7 @@ BOOL __stdcall is_grp_member (uid_t uid, gid_t gid);
* logsrv may be NULL, in this case only the local system is used for lookup.
* The buffer for ret_sid (40 Bytes) has to be allocated by the caller! */
BOOL __stdcall lookup_name (const char *, const char *, PSID);
int set_process_privilege (const char *privilege, BOOL enable = TRUE);
extern inline int get_uid_from_sid (PSID psid) { return get_id_from_sid (psid, FALSE);}
extern inline int get_gid_from_sid (PSID psid) { return get_id_from_sid (psid, TRUE); }
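Review bot: The new `set_process_privilege` prototype has no comment of its own and, as rendered, sits directly under the comment block that documents `lookup_name`, so that comment appears to cover it too. The return convention and the `enable = TRUE` default are then only discoverable from sec_helper.cc. Add a comment above the prototype such as `/* Enable or disable `privilege' in the process token. Returns 0 on success, -1 with errno set on failure. */`, and separate it from the `lookup_name` declaration with a blank line.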