JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

* grp.cc (getgroups32): Revert previous patch. Use impersonation

Browse Source 
token if process is in impersonated state.
	* sec_helper.cc (is_grp_member): Rewrite.  Call getgroups32 only
	for current user.  Scan passwd and group info otherwise.
This commit is contained in:
Corinna Vinschen
2002-11-14 19:19:39 +00:00
parent 69920bb5bd
commit 4ce377c9d4
3 changed files with 61 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
winsup/cygwin/grp.cc
View File

@@ -341,9 +341,15 @@ getgroups32 (int gidsetsize, __gid32_t *grouplist, __gid32_t gid,
if (group_state <= initializing)
read_etc_group ();
if (allow_ntsec &&
strcasematch (username, cygheap->user.name ()) &&
OpenProcessToken (hMainProc, TOKEN_QUERY, &hToken))
if (allow_ntsec)
{
/* If impersonated, use impersonation token. */
if (cygheap->user.issetuid ())
hToken = cygheap->user.token;
else if (!OpenProcessToken (hMainProc, TOKEN_QUERY, &hToken))
hToken = NULL;
}
if (hToken)
{
if (GetTokenInformation (hToken, TokenGroups, NULL, 0, &size)
|| GetLastError () == ERROR_INSUFFICIENT_BUFFER)
@@ -375,7 +381,8 @@ getgroups32 (int gidsetsize, __gid32_t *grouplist, __gid32_t gid,
}
else
debug_printf ("%d = GetTokenInformation(NULL) %E", size);
CloseHandle (hToken);
if (hToken != cygheap->user.token)
CloseHandle (hToken);
if (cnt)
return cnt;
}