Drop has_mandatory_integrity_control flag
		| @@ -45,39 +45,36 @@ issetugid (void) | |||||||
| static HANDLE | static HANDLE | ||||||
| get_full_privileged_inheritable_token (HANDLE token) | get_full_privileged_inheritable_token (HANDLE token) | ||||||
| { | { | ||||||
|   if (wincap.has_mandatory_integrity_control ()) |   TOKEN_LINKED_TOKEN linked; | ||||||
|  |   ULONG size; | ||||||
|  |  | ||||||
|  |   /* When fetching the linked token without TCB privs, then the linked | ||||||
|  |      token is not a primary token, only an impersonation token, which is | ||||||
|  |      not suitable for CreateProcessAsUser.  Converting it to a primary | ||||||
|  |      token using DuplicateTokenEx does NOT work for the linked token in | ||||||
|  |      this case.  So we have to switch on TCB privs to get a primary token. | ||||||
|  |      This is generally performed in the calling functions.  */ | ||||||
|  |   if (NT_SUCCESS (NtQueryInformationToken (token, TokenLinkedToken, | ||||||
|  | 					   (PVOID) &linked, sizeof linked, | ||||||
|  | 					   &size))) | ||||||
|     { |     { | ||||||
|       TOKEN_LINKED_TOKEN linked; |       debug_printf ("Linked Token: %p", linked.LinkedToken); | ||||||
|       ULONG size; |       if (linked.LinkedToken) | ||||||
|  |  | ||||||
|       /* When fetching the linked token without TCB privs, then the linked |  | ||||||
| 	 token is not a primary token, only an impersonation token, which is |  | ||||||
| 	 not suitable for CreateProcessAsUser.  Converting it to a primary |  | ||||||
| 	 token using DuplicateTokenEx does NOT work for the linked token in |  | ||||||
| 	 this case.  So we have to switch on TCB privs to get a primary token. |  | ||||||
| 	 This is generally performed in the calling functions.  */ |  | ||||||
|       if (NT_SUCCESS (NtQueryInformationToken (token, TokenLinkedToken, |  | ||||||
| 					       (PVOID) &linked, sizeof linked, |  | ||||||
| 					       &size))) |  | ||||||
| 	{ | 	{ | ||||||
| 	  debug_printf ("Linked Token: %p", linked.LinkedToken); | 	  TOKEN_TYPE type; | ||||||
| 	  if (linked.LinkedToken) |  | ||||||
| 	    { |  | ||||||
| 	      TOKEN_TYPE type; |  | ||||||
|  |  | ||||||
| 	      /* At this point we don't know if the user actually had TCB | 	  /* At this point we don't know if the user actually had TCB | ||||||
| 		 privileges.  Check if the linked token is a primary token. | 	     privileges.  Check if the linked token is a primary token. | ||||||
| 		 If not, just return the original token. */ | 	     If not, just return the original token. */ | ||||||
| 	      if (NT_SUCCESS (NtQueryInformationToken (linked.LinkedToken, | 	  if (NT_SUCCESS (NtQueryInformationToken (linked.LinkedToken, | ||||||
| 						       TokenType, (PVOID) &type, | 						   TokenType, (PVOID) &type, | ||||||
| 						       sizeof type, &size)) | 						   sizeof type, &size)) | ||||||
| 		  && type != TokenPrimary) | 	      && type != TokenPrimary) | ||||||
| 		debug_printf ("Linked Token is not a primary token!"); | 	    debug_printf ("Linked Token is not a primary token!"); | ||||||
| 	      else | 	  else | ||||||
| 		{ | 	    { | ||||||
| 		  CloseHandle (token); | 	      CloseHandle (token); | ||||||
| 		  token = linked.LinkedToken; | 	      token = linked.LinkedToken; | ||||||
| 		} |  | ||||||
| 	    } | 	    } | ||||||
| 	} | 	} | ||||||
|     } |     } | ||||||
| @@ -972,14 +969,10 @@ create_token (cygsid &usersid, user_groups &new_groups) | |||||||
| 			       &mandatory_integrity_sid))) | 			       &mandatory_integrity_sid))) | ||||||
|     goto out; |     goto out; | ||||||
|  |  | ||||||
|   /* On systems supporting Mandatory Integrity Control, add the MIC SID. */ |   new_tok_gsids->Groups[new_tok_gsids->GroupCount].Attributes = | ||||||
|   if (wincap.has_mandatory_integrity_control ()) |     SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED; | ||||||
|     { |   new_tok_gsids->Groups[new_tok_gsids->GroupCount++].Sid | ||||||
|       new_tok_gsids->Groups[new_tok_gsids->GroupCount].Attributes = |     = mandatory_integrity_sid; | ||||||
| 	SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED; |  | ||||||
|       new_tok_gsids->Groups[new_tok_gsids->GroupCount++].Sid |  | ||||||
| 	= mandatory_integrity_sid; |  | ||||||
|     } |  | ||||||
|  |  | ||||||
|   /* Let's be heroic... */ |   /* Let's be heroic... */ | ||||||
|   status = NtCreateToken (&token, TOKEN_ALL_ACCESS, &oa, TokenImpersonation, |   status = NtCreateToken (&token, TOKEN_ALL_ACCESS, &oa, TokenImpersonation, | ||||||
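Review bot: In get_full_privileged_inheritable_token the linked token is still adopted when the TokenType query itself fails, because `NT_SUCCESS (...) && type != TokenPrimary` is false on failure and control falls into the else branch with `type` never written. That goes against the comment directly above, which says to return the original token unless the linked one is a primary token; the test should be `!NT_SUCCESS (...) || type != TokenPrimary` so a failed query keeps the original token. In that same keep-the-original branch the visible lines never release linked.LinkedToken, so `CloseHandle (linked.LinkedToken);` belongs next to the debug_printf unless the handle is closed later in the function. The tail of the function lies outside the hunk, so the second point should be confirmed against the full body.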
|   | |||||||
| @@ -21,7 +21,6 @@ wincaps wincap_xpsp2 __attribute__((section (".cygwin_dll_common"), shared)) = { | |||||||
|   def_guard_pages:1, |   def_guard_pages:1, | ||||||
|   max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE, |   max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE, | ||||||
|   is_server:false, |   is_server:false, | ||||||
|   has_mandatory_integrity_control:false, |  | ||||||
|   needs_count_in_si_lpres2:false, |   needs_count_in_si_lpres2:false, | ||||||
|   has_gaa_largeaddress_bug:false, |   has_gaa_largeaddress_bug:false, | ||||||
|   has_transactions:false, |   has_transactions:false, | ||||||
| @@ -52,7 +51,6 @@ wincaps wincap_2003 __attribute__((section (".cygwin_dll_common"), shared)) = { | |||||||
|   def_guard_pages:1, |   def_guard_pages:1, | ||||||
|   max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE, |   max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE, | ||||||
|   is_server:false, |   is_server:false, | ||||||
|   has_mandatory_integrity_control:false, |  | ||||||
|   needs_count_in_si_lpres2:false, |   needs_count_in_si_lpres2:false, | ||||||
|   has_gaa_largeaddress_bug:false, |   has_gaa_largeaddress_bug:false, | ||||||
|   has_transactions:false, |   has_transactions:false, | ||||||
| @@ -83,7 +81,6 @@ wincaps wincap_vista __attribute__((section (".cygwin_dll_common"), shared)) = { | |||||||
|   def_guard_pages:1, |   def_guard_pages:1, | ||||||
|   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, |   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, | ||||||
|   is_server:false, |   is_server:false, | ||||||
|   has_mandatory_integrity_control:true, |  | ||||||
|   needs_count_in_si_lpres2:true, |   needs_count_in_si_lpres2:true, | ||||||
|   has_gaa_largeaddress_bug:true, |   has_gaa_largeaddress_bug:true, | ||||||
|   has_transactions:true, |   has_transactions:true, | ||||||
| @@ -114,7 +111,6 @@ wincaps wincap_7 __attribute__((section (".cygwin_dll_common"), shared)) = { | |||||||
|   def_guard_pages:1, |   def_guard_pages:1, | ||||||
|   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, |   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, | ||||||
|   is_server:false, |   is_server:false, | ||||||
|   has_mandatory_integrity_control:true, |  | ||||||
|   needs_count_in_si_lpres2:false, |   needs_count_in_si_lpres2:false, | ||||||
|   has_gaa_largeaddress_bug:true, |   has_gaa_largeaddress_bug:true, | ||||||
|   has_transactions:true, |   has_transactions:true, | ||||||
| @@ -145,7 +141,6 @@ wincaps wincap_8 __attribute__((section (".cygwin_dll_common"), shared)) = { | |||||||
|   def_guard_pages:2, |   def_guard_pages:2, | ||||||
|   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, |   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, | ||||||
|   is_server:false, |   is_server:false, | ||||||
|   has_mandatory_integrity_control:true, |  | ||||||
|   needs_count_in_si_lpres2:false, |   needs_count_in_si_lpres2:false, | ||||||
|   has_gaa_largeaddress_bug:false, |   has_gaa_largeaddress_bug:false, | ||||||
|   has_transactions:true, |   has_transactions:true, | ||||||
| @@ -176,7 +171,6 @@ wincaps wincap_10 __attribute__((section (".cygwin_dll_common"), shared)) = { | |||||||
|   def_guard_pages:2, |   def_guard_pages:2, | ||||||
|   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, |   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, | ||||||
|   is_server:false, |   is_server:false, | ||||||
|   has_mandatory_integrity_control:true, |  | ||||||
|   needs_count_in_si_lpres2:false, |   needs_count_in_si_lpres2:false, | ||||||
|   has_gaa_largeaddress_bug:false, |   has_gaa_largeaddress_bug:false, | ||||||
|   has_transactions:true, |   has_transactions:true, | ||||||
| @@ -207,7 +201,6 @@ wincaps wincap_10_1511 __attribute__((section (".cygwin_dll_common"), shared)) = | |||||||
|   def_guard_pages:2, |   def_guard_pages:2, | ||||||
|   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, |   max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, | ||||||
|   is_server:false, |   is_server:false, | ||||||
|   has_mandatory_integrity_control:true, |  | ||||||
|   needs_count_in_si_lpres2:false, |   needs_count_in_si_lpres2:false, | ||||||
|   has_gaa_largeaddress_bug:false, |   has_gaa_largeaddress_bug:false, | ||||||
|   has_transactions:true, |   has_transactions:true, | ||||||
|   | |||||||
| @@ -14,7 +14,6 @@ struct wincaps | |||||||
|   DWORD    def_guard_pages; |   DWORD    def_guard_pages; | ||||||
|   DWORD    max_sys_priv; |   DWORD    max_sys_priv; | ||||||
|   unsigned is_server                                    : 1; |   unsigned is_server                                    : 1; | ||||||
|   unsigned has_mandatory_integrity_control		: 1; |  | ||||||
|   unsigned needs_count_in_si_lpres2			: 1; |   unsigned needs_count_in_si_lpres2			: 1; | ||||||
|   unsigned has_gaa_largeaddress_bug			: 1; |   unsigned has_gaa_largeaddress_bug			: 1; | ||||||
|   unsigned has_transactions				: 1; |   unsigned has_transactions				: 1; | ||||||
| @@ -70,7 +69,6 @@ public: | |||||||
|   } |   } | ||||||
|   DWORD IMPLEMENT (max_sys_priv) |   DWORD IMPLEMENT (max_sys_priv) | ||||||
|   bool  IMPLEMENT (is_server) |   bool  IMPLEMENT (is_server) | ||||||
|   bool	IMPLEMENT (has_mandatory_integrity_control) |  | ||||||
|   bool	IMPLEMENT (needs_count_in_si_lpres2) |   bool	IMPLEMENT (needs_count_in_si_lpres2) | ||||||
|   bool	IMPLEMENT (has_gaa_largeaddress_bug) |   bool	IMPLEMENT (has_gaa_largeaddress_bug) | ||||||
|   bool	IMPLEMENT (has_transactions) |   bool	IMPLEMENT (has_transactions) | ||||||
|   | |||||||