diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 82483335e..8c1455c1c 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,10 @@ +2010-01-08 Corinna Vinschen + + * sec_auth.cc (get_token_group_sidlist): Add BUILTIN\Users account + to all created tokens. + * sec_helper.cc (well_known_users_sid): Define as BUILTIN\Users. + * security.h (well_known_users_sid): Declare. + 2010-01-01 Christopher Faylor * dcrt0.cc: Bump copyright. diff --git a/winsup/cygwin/sec_auth.cc b/winsup/cygwin/sec_auth.cc index 34e571f29..6e4e72123 100644 --- a/winsup/cygwin/sec_auth.cc +++ b/winsup/cygwin/sec_auth.cc @@ -1,7 +1,7 @@ /* sec_auth.cc: NT authentication functions Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, - 2006, 2007, 2008, 2009 Red Hat, Inc. + 2006, 2007, 2008, 2009, 2010 Red Hat, Inc. This file is part of Cygwin. @@ -365,11 +365,13 @@ get_token_group_sidlist (cygsidlist &grp_list, PTOKEN_GROUPS my_grps, grp_list *= well_known_service_sid; if (sid_in_token_groups (my_grps, well_known_this_org_sid)) grp_list *= well_known_this_org_sid; + grp_list *= well_known_users_sid; } else { grp_list += well_known_local_sid; grp_list *= well_known_interactive_sid; + grp_list *= well_known_users_sid; } if (get_ll (auth_luid) != 999LL) /* != SYSTEM_LUID */ { diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc index 755cab78f..38f4901f2 100644 --- a/winsup/cygwin/sec_helper.cc +++ b/winsup/cygwin/sec_helper.cc @@ -1,6 +1,7 @@ /* sec_helper.cc: NT security helper functions - Copyright 2000, 2001, 2002, 2003, 2004, 2006, 2007, 2008 Red Hat, Inc. + Copyright 2000, 2001, 2002, 2003, 2004, 2006, 2007, 2008, 2009, + 2010 Red Hat, Inc. Written by Corinna Vinschen @@ -59,6 +60,9 @@ MKSID (well_known_system_sid, "S-1-5-18", MKSID (well_known_admins_sid, "S-1-5-32-544", SECURITY_NT_AUTHORITY, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS); +MKSID (well_known_users_sid, "S-1-5-32-545", + SECURITY_NT_AUTHORITY, 2, SECURITY_BUILTIN_DOMAIN_RID, + DOMAIN_ALIAS_RID_USERS); MKSID (fake_logon_sid, "S-1-5-5-0-0", SECURITY_NT_AUTHORITY, 3, SECURITY_LOGON_IDS_RID, 0, 0); MKSID (mandatory_medium_integrity_sid, "S-1-16-8192", diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index 4ef1a528b..4de76aa99 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -1,7 +1,7 @@ /* security.h: security declarations - Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 - Red Hat, Inc. + Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, + 2010 Red Hat, Inc. This file is part of Cygwin. @@ -328,6 +328,7 @@ extern cygpsid well_known_authenticated_users_sid; extern cygpsid well_known_this_org_sid; extern cygpsid well_known_system_sid; extern cygpsid well_known_admins_sid; +extern cygpsid well_known_users_sid; extern cygpsid fake_logon_sid; extern cygpsid mandatory_medium_integrity_sid; extern cygpsid mandatory_high_integrity_sid;