* security.cc (get_logon_server): Interpret a zero length

domain as the local domain. (get_group_sidlist): Add authenticated users SID to SYSTEM's group list instead of SYSTEM itself. (verify_token): Accept the primary group sid if it equals the token user sid.
2002-07-02 09:02:53 +00:00 · 2002-07-02 09:02:53 +00:00 · 891bb974f9
parent aeed87e86e
commit 891bb974f9
2 changed files with 15 additions and 3 deletions
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@ -1,3 +1,12 @@
+2002-07-01  Pierre Humblet <pierre.humblet@ieee.org>
+
+	* security.cc (get_logon_server): Interpret a zero length
+	domain as the local domain.
+	(get_group_sidlist): Add authenticated users SID to SYSTEM's group
+	list instead of SYSTEM itself.
+	(verify_token): Accept the primary group sid if it equals
+	the token user sid.
+
 2002-07-02  Corinna Vinschen  <corinna@vinschen.de>

 	* cygwin.din (__fpclassifyd): Add symbol.
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@ -255,8 +255,9 @@ get_logon_server (const char *domain, char *server, WCHAR *wserver)
  WCHAR * buf;
  DWORD size = INTERNET_MAX_HOST_NAME_LENGTH + 1;

+  /* Empty domain is interpreted as local system */
  if ((GetComputerName (server + 2, &size)) &&
-      strcasematch (domain, server + 2))
+      (strcasematch (domain, server + 2) || !domain[0]))
    {
      server[0] = server[1] = '\\';
      if (wserver)
@ -489,7 +490,7 @@ get_group_sidlist (cygsidlist &grp_list,
  grp_list += well_known_world_sid;
  if (usersid == well_known_system_sid)
    {
-      grp_list += well_known_system_sid;
+      grp_list += well_known_authenticated_users_sid;
      grp_list += well_known_admins_sid;
    }
  else
@ -699,10 +700,12 @@ verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern)
 	   debug_printf ("GetSecurityDescriptorGroup(): %E");
       if (well_known_null_sid != gsid) return pgrpsid == gsid;
    }
-  /* See if the pgrpsid is in the token groups */
+  /* See if the pgrpsid is the tok_usersid in the token groups */
  PTOKEN_GROUPS my_grps = NULL;
  BOOL ret = FALSE;

+  if ( pgrpsid == tok_usersid)
+    return TRUE;
  if (!GetTokenInformation (token, TokenGroups, NULL, 0, &size) &&
      GetLastError () != ERROR_INSUFFICIENT_BUFFER)
    debug_printf ("GetTokenInformation(token, TokenGroups): %E\n");