* security.cc (set_process_privileges): Swap out.

* sec_helper.cc (set_process_privilege): Rename from
        `set_process_privileges'. Takes the privilege to enable or disable
        as parameter now.
        * security.h: Add prototype for `set_process_privileges'.
This commit is contained in:
Corinna Vinschen
2001-04-20 20:36:13 +00:00
parent b9815dc3dc
commit 3c8e92d9fc
4 changed files with 50 additions and 41 deletions

View File

@ -182,7 +182,7 @@ write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size)
static BOOL first_time = TRUE;
if (first_time)
{
set_process_privileges ();
set_process_privilege (SE_RESTORE_NAME);
first_time = FALSE;
}
@ -245,46 +245,6 @@ write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size)
return 0;
}
int
set_process_privileges ()
{
HANDLE hToken = NULL;
LUID restore_priv;
TOKEN_PRIVILEGES new_priv;
int ret = -1;
if (!OpenProcessToken (hMainProc, TOKEN_ADJUST_PRIVILEGES, &hToken))
{
__seterrno ();
goto out;
}
if (!LookupPrivilegeValue (NULL, SE_RESTORE_NAME, &restore_priv))
{
__seterrno ();
goto out;
}
new_priv.PrivilegeCount = 1;
new_priv.Privileges[0].Luid = restore_priv;
new_priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
if (!AdjustTokenPrivileges (hToken, FALSE, &new_priv, 0, NULL, NULL))
{
__seterrno ();
goto out;
}
ret = 0;
out:
if (hToken)
CloseHandle (hToken);
syscall_printf ("%d = set_process_privileges ()", ret);
return ret;
}
static int
get_nt_attribute (const char *file, int *attribute,
uid_t *uidret, gid_t *gidret)