JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

2003-09-09 Pierre Humblet <pierre.humblet@ieee.org>

Browse Source 
* shared_info.h: Include security.h.
	(open_shared): Add psa argument.
	(user_shared_initialize): New declaration.
	* security.h: Add _SECURITY_H guard.
	(sec_user): Use sec_none in the no ntsec case.
	* spawn.cc (spawn_guts): Remove call to load_registry_hive.
	* syscalls (seteuid32): If warranted, call load_registry_hive,
	user_shared_initialize and RegCloseKey(HKEY_CURRENT_USER).
	* shared.cc (user_shared_initialize): New.
	(open_shared): Add and use psa argument.
	(memory_init): Move mount table initialization to
	user_shared_initialize. Call it.
This commit is contained in:
Pierre Humblet
2003-09-10 02:12:26 +00:00
parent 3a767b69fd
commit 7119fc0d0b
6 changed files with 107 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
winsup/cygwin/ChangeLog
View File

@@ -1,3 +1,18 @@
2003-09-09 Pierre Humblet <pierre.humblet@ieee.org>
* shared_info.h: Include security.h.
(open_shared): Add psa argument.
(user_shared_initialize): New declaration.
* security.h: Add _SECURITY_H guard.
(sec_user): Use sec_none in the no ntsec case.
* spawn.cc (spawn_guts): Remove call to load_registry_hive.
* syscalls (seteuid32): If warranted, call load_registry_hive,
user_shared_initialize and RegCloseKey(HKEY_CURRENT_USER).
* shared.cc (user_shared_initialize): New.
(open_shared): Add and use psa argument.
(memory_init): Move mount table initialization to
user_shared_initialize. Call it.
2003-09-09 Corinna Vinschen <corinna@vinschen.de> 2003-09-09 Corinna Vinschen <corinna@vinschen.de>
* mmap.cc (mmap64): Change address types from caddr_t to void * * mmap.cc (mmap64): Change address types from caddr_t to void *

6
winsup/cygwin/security.h
View File

@@ -8,6 +8,9 @@ This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */ details. */
#ifndef _SECURITY_H
#define _SECURITY_H
#include <accctrl.h> #include <accctrl.h>
#define DEFAULT_UID DOMAIN_USER_RID_ADMIN #define DEFAULT_UID DOMAIN_USER_RID_ADMIN
@@ -271,5 +274,6 @@ sec_user_nih (char sa_buf[], PSID sid = NULL)
extern inline SECURITY_ATTRIBUTES * extern inline SECURITY_ATTRIBUTES *
sec_user (char sa_buf[], PSID sid = NULL) sec_user (char sa_buf[], PSID sid = NULL)
{ {
return allow_ntsec ? __sec_user (sa_buf, sid, TRUE) : &sec_none_nih; return allow_ntsec ? __sec_user (sa_buf, sid, TRUE) : &sec_none;
} }
#endif /*_SECURITY_H*/

96
winsup/cygwin/shared.cc
View File

@@ -67,7 +67,8 @@ static char *offsets[] =
}; };
void * __stdcall void * __stdcall
open_shared (const char *name, int n, HANDLE &shared_h, DWORD size, shared_locations m) open_shared (const char *name, int n, HANDLE &shared_h, DWORD size,
shared_locations m, PSECURITY_ATTRIBUTES psa)
{ {
void *shared; void *shared;
@@ -96,7 +97,7 @@ open_shared (const char *name, int n, HANDLE &shared_h, DWORD size, shared_locat
TRUE, mapname); TRUE, mapname);
} }
if (!shared_h && if (!shared_h &&
!(shared_h = CreateFileMapping (INVALID_HANDLE_VALUE, &sec_all, !(shared_h = CreateFileMapping (INVALID_HANDLE_VALUE, psa,
PAGE_READWRITE, 0, size, mapname))) PAGE_READWRITE, 0, size, mapname)))
api_fatal ("CreateFileMapping, %E. Terminating."); api_fatal ("CreateFileMapping, %E. Terminating.");
} }
@@ -144,6 +145,71 @@ open_shared (const char *name, int n, HANDLE &shared_h, DWORD size, shared_locat
return shared; return shared;
} }
void
user_shared_initialize ()
{
char name[UNLEN + 1] = "";
/* Temporary code. Will be cleaned up later */
if (wincap.has_security ())
{
HANDLE ptok = NULL;
DWORD siz;
cygsid tu;
if (cygwin_mount_h) /* Reinit */
tu = cygheap->user.sid ();
else
{
if (!OpenProcessToken (hMainProc, TOKEN_ADJUST_DEFAULT | TOKEN_QUERY,
&ptok))
system_printf ("OpenProcessToken(): %E");
else if (!GetTokenInformation (ptok, TokenUser, &tu, sizeof tu, &siz))
system_printf ("GetTokenInformation (TokenUser): %E");
else
tu.string (name);
if (ptok)
CloseHandle (ptok);
}
tu.string (name);
}
else
strcpy (name, cygheap->user.name ());
if (cygwin_mount_h)
{
if (!UnmapViewOfFile (mount_table))
debug_printf("UnmapViewOfFile %E");
if (!ForceCloseHandle (cygwin_mount_h))
debug_printf("CloseHandle %E");
cygwin_mount_h = NULL;
}
mount_table = (mount_info *) open_shared (name, MOUNT_VERSION,
cygwin_mount_h, sizeof (mount_info),
SH_MOUNT_TABLE, &sec_none);
debug_printf ("opening mount table for '%s' at %p", name,
mount_table);
ProtectHandleINH (cygwin_mount_h);
debug_printf ("mount table version %x at %p", mount_table->version, mount_table);
/* Initialize the Cygwin per-user mount table, if necessary */
if (!mount_table->version)
{
mount_table->version = MOUNT_VERSION_MAGIC;
debug_printf ("initializing mount table");
mount_table->cb = sizeof (*mount_table);
if (mount_table->cb != MOUNT_INFO_CB)
system_printf ("size of mount table region changed from %u to %u",
MOUNT_INFO_CB, mount_table->cb);
mount_table->init (); /* Initialize the mount table. */
}
else if (mount_table->version != MOUNT_VERSION_MAGIC)
multiple_cygwin_problem ("mount", mount_table->version, MOUNT_VERSION);
else if (mount_table->cb != MOUNT_INFO_CB)
multiple_cygwin_problem ("mount table size", mount_table->cb, MOUNT_INFO_CB);
}
void void
shared_info::initialize (const char *user_name) shared_info::initialize (const char *user_name)
{ {
@@ -208,31 +274,7 @@ memory_init ()
cygheap->shared_h = shared_h; cygheap->shared_h = shared_h;
ProtectHandleINH (cygheap->shared_h); ProtectHandleINH (cygheap->shared_h);
/* Allocate memory for the per-user mount table */ user_shared_initialize ();
mount_table = (mount_info *) open_shared (user_name, MOUNT_VERSION,
cygwin_mount_h, sizeof (mount_info),
SH_MOUNT_TABLE);
debug_printf ("opening mount table for '%s' at %p", cygheap->user.name (),
mount_table);
ProtectHandleINH (cygwin_mount_h);
debug_printf ("mount table version %x at %p", mount_table->version, mount_table);
/* Initialize the Cygwin per-user mount table, if necessary */
if (!mount_table->version)
{
mount_table->version = MOUNT_VERSION_MAGIC;
debug_printf ("initializing mount table");
mount_table->cb = sizeof (*mount_table);
if (mount_table->cb != MOUNT_INFO_CB)
system_printf ("size of mount table region changed from %u to %u",
MOUNT_INFO_CB, mount_table->cb);
mount_table->init (); /* Initialize the mount table. */
}
else if (mount_table->version != MOUNT_VERSION_MAGIC)
multiple_cygwin_problem ("mount", mount_table->version, MOUNT_VERSION);
else if (mount_table->cb != MOUNT_INFO_CB)
multiple_cygwin_problem ("mount table size", mount_table->cb, MOUNT_INFO_CB);
} }
unsigned unsigned

6
winsup/cygwin/shared_info.h
View File

@@ -9,6 +9,7 @@ Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */ details. */
#include "tty.h" #include "tty.h"
#include "security.h"
/* Mount table entry */ /* Mount table entry */
@@ -189,4 +190,7 @@ struct console_state
#endif #endif
char *__stdcall shared_name (char *, const char *, int); char *__stdcall shared_name (char *, const char *, int);
void *__stdcall open_shared (const char *name, int n, HANDLE &shared_h, DWORD size, shared_locations); void *__stdcall open_shared (const char *name, int n, HANDLE &shared_h, DWORD size,
shared_locations, PSECURITY_ATTRIBUTES psa = &sec_all);
extern void user_shared_initialize ();

3
winsup/cygwin/spawn.cc
View File

@@ -654,9 +654,6 @@ spawn_guts (const char * prog_arg, const char *const *argv,
/* Set security attributes with sid */ /* Set security attributes with sid */
PSECURITY_ATTRIBUTES sec_attribs = sec_user_nih (sa_buf, sid); PSECURITY_ATTRIBUTES sec_attribs = sec_user_nih (sa_buf, sid);
/* Load users registry hive. */
load_registry_hive (sid);
/* allow the child to interact with our window station/desktop */ /* allow the child to interact with our window station/desktop */
HANDLE hwst, hdsk; HANDLE hwst, hdsk;
SECURITY_INFORMATION dsi = DACL_SECURITY_INFORMATION; SECURITY_INFORMATION dsi = DACL_SECURITY_INFORMATION;

15
winsup/cygwin/syscalls.cc
View File

@@ -2076,8 +2076,8 @@ seteuid32 (__uid32_t uid)
user_groups &groups = cygheap->user.groups; user_groups &groups = cygheap->user.groups;
HANDLE ptok, new_token = INVALID_HANDLE_VALUE; HANDLE ptok, new_token = INVALID_HANDLE_VALUE;
struct passwd * pw_new; struct passwd * pw_new;
PSID origpsid, psid2 = NO_SID; cygpsid origpsid, psid2 (NO_SID);
BOOL token_is_internal; BOOL token_is_internal, issamesid;
pw_new = internal_getpwuid (uid); pw_new = internal_getpwuid (uid);
if (!wincap.has_security () && pw_new) if (!wincap.has_security () && pw_new)
@@ -2154,6 +2154,9 @@ seteuid32 (__uid32_t uid)
} }
else if (new_token != ptok) else if (new_token != ptok)
{ {
/* Avoid having HKCU use default user */
load_registry_hive (usersid);
/* Try setting owner to same value as user. */ /* Try setting owner to same value as user. */
if (!SetTokenInformation (new_token, TokenOwner, if (!SetTokenInformation (new_token, TokenOwner,
&usersid, sizeof usersid)) &usersid, sizeof usersid))
@@ -2168,10 +2171,16 @@ seteuid32 (__uid32_t uid)
} }
CloseHandle (ptok); CloseHandle (ptok);
issamesid = (usersid == (psid2 = cygheap->user.sid ()));
cygheap->user.set_sid (usersid); cygheap->user.set_sid (usersid);
cygheap->user.current_token = new_token == ptok ? INVALID_HANDLE_VALUE cygheap->user.current_token = new_token == ptok ? INVALID_HANDLE_VALUE
: new_token; : new_token;
if (!issamesid) /* MS KB 199190 */
RegCloseKey(HKEY_CURRENT_USER);
cygheap->user.reimpersonate (); cygheap->user.reimpersonate ();
if (!issamesid)
user_shared_initialize ();
success_9x: success_9x:
cygheap->user.set_name (pw_new->pw_name); cygheap->user.set_name (pw_new->pw_name);
myself->uid = uid; myself->uid = uid;