Add Authz class to compute exact POSIX user perms in a security descriptor

* autoload.cc (AuthzAccessCheck): Import.
	(AuthzFreeContext): Import.
	(AuthzInitializeContextFromSid): Import.
	(AuthzInitializeContextFromToken): Import.
	(AuthzInitializeResourceManager): Import.
	* sec_helper.cc (get_sids_info): Remove.
	(class authz_ctx_cache_entry): New class.
	(class authz_ctx_cache): New class.
	(class authz_ctx): New class.
	(authz_get_user_attribute): New function.
	* security.h (get_sids_info): Drop prototype.
	(authz_get_user_attribute): Add prototype.
	* winlean.h (_AUTHZ_): Define.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen
2015-08-17 18:29:24 +02:00
parent e2742d467a
commit 42fad6ffa5
5 changed files with 194 additions and 25 deletions

View File

@ -456,7 +456,8 @@ void set_security_attribute (path_conv &pc, int attribute,
PSECURITY_ATTRIBUTES psa,
security_descriptor &sd_buf);
bool get_sids_info (cygpsid, cygpsid, uid_t * , gid_t *);
void authz_get_user_attribute (mode_t *attribute, PSECURITY_DESCRIPTOR psd,
PSID user_sid);
/* sec_acl.cc */
struct acl;