2003-09-15 Pierre Humblet <pierre.humblet@ieee.org>

* security.h (__sec_user): Add "access2" argument.
	(sec_acl): Add "original" and "access2" arguments.
	(sec_user): Add "sid2" and "access2" argument. Remove dependence on
	allow_ntsec.
	(sec_user_nih): Ditto.
	* sec_helper.cc (__sec_user): Add "has_security" test.
	Call sec_acl with new arguments, letting it handle original_sid.
	(sec_acl): Add "original" and "access2" arguments. Handle original_sid
	depending on flag but avoiding duplicates. Use "access2" for sid2.
	* pinfo.cc (pinfo::init): Use security attributes created by sec_user
	when creating the mapping.
	* security.cc (create_token): Adjust arguments in call to sec_acl.
	Call sec_user instead of __sec_user.
	* syscall.cc (seteuid32):  Adjust arguments in call to sec_acl. Remove
	now unnecessary test. Remove useless conversions to psid.
	* dcrt0.cc (dll_crt0_1): Call cygsid::init before pinfo_init.
This commit is contained in:
Pierre Humblet
2003-09-16 00:45:50 +00:00
parent a9993197f2
commit c61ada9bd3
7 changed files with 52 additions and 32 deletions

View File

@ -906,7 +906,7 @@ create_token (cygsid &usersid, user_groups &new_groups, struct passwd *pw)
goto out;
/* Create default dacl. */
if (!sec_acl ((PACL) acl_buf, FALSE,
if (!sec_acl ((PACL) acl_buf, false, false,
tmp_gsids.contains (well_known_admins_sid) ?
well_known_admins_sid : usersid))
goto out;
@ -926,7 +926,7 @@ create_token (cygsid &usersid, user_groups &new_groups, struct passwd *pw)
else
{
/* Set security descriptor and primary group */
psa = __sec_user (sa_buf, usersid, TRUE);
psa = sec_user (sa_buf, usersid);
if (psa->lpSecurityDescriptor &&
!SetSecurityDescriptorGroup ((PSECURITY_DESCRIPTOR)
psa->lpSecurityDescriptor,