2003-09-15 Pierre Humblet <pierre.humblet@ieee.org>
* security.h (__sec_user): Add "access2" argument. (sec_acl): Add "original" and "access2" arguments. (sec_user): Add "sid2" and "access2" argument. Remove dependence on allow_ntsec. (sec_user_nih): Ditto. * sec_helper.cc (__sec_user): Add "has_security" test. Call sec_acl with new arguments, letting it handle original_sid. (sec_acl): Add "original" and "access2" arguments. Handle original_sid depending on flag but avoiding duplicates. Use "access2" for sid2. * pinfo.cc (pinfo::init): Use security attributes created by sec_user when creating the mapping. * security.cc (create_token): Adjust arguments in call to sec_acl. Call sec_user instead of __sec_user. * syscall.cc (seteuid32): Adjust arguments in call to sec_acl. Remove now unnecessary test. Remove useless conversions to psid. * dcrt0.cc (dll_crt0_1): Call cygsid::init before pinfo_init.
This commit is contained in:
@@ -2076,7 +2076,6 @@ seteuid32 (__uid32_t uid)
|
||||
user_groups &groups = cygheap->user.groups;
|
||||
HANDLE ptok, new_token = INVALID_HANDLE_VALUE;
|
||||
struct passwd * pw_new;
|
||||
cygpsid origpsid, psid2 (NO_SID);
|
||||
BOOL token_is_internal, issamesid;
|
||||
|
||||
pw_new = internal_getpwuid (uid);
|
||||
@@ -2121,9 +2120,7 @@ seteuid32 (__uid32_t uid)
|
||||
if (cygheap->user.current_token != new_token)
|
||||
{
|
||||
char dacl_buf[MAX_DACL_LEN (5)];
|
||||
if (usersid != (origpsid = cygheap->user.orig_sid ()))
|
||||
psid2 = usersid;
|
||||
if (sec_acl ((PACL) dacl_buf, FALSE, origpsid, psid2))
|
||||
if (sec_acl ((PACL) dacl_buf, true, false, usersid))
|
||||
{
|
||||
TOKEN_DEFAULT_DACL tdacl;
|
||||
tdacl.DefaultDacl = (PACL) dacl_buf;
|
||||
@@ -2171,7 +2168,7 @@ seteuid32 (__uid32_t uid)
|
||||
}
|
||||
|
||||
CloseHandle (ptok);
|
||||
issamesid = (usersid == (psid2 = cygheap->user.sid ()));
|
||||
issamesid = (usersid == cygheap->user.sid ());
|
||||
cygheap->user.set_sid (usersid);
|
||||
cygheap->user.current_token = new_token == ptok ? INVALID_HANDLE_VALUE
|
||||
: new_token;
|
||||
|
Reference in New Issue
Block a user