* fork.cc (fork_parent): Use sec_user_nih to control process/thread

inheritance/permission. * spawn.cc (spawn_guts): Ditto. * security.cc (create_token): Initialize token so that it is not tested for bogus value later. Use sec_user to control process/thread creation. * security.h (__sec_user): Rename declaration from sec_user. (sec_user_nih): Declare here as inline function wrapper for __sec_user. (sec_user): Ditto. * sigproc.cc (czombies): Allocate a character array for zombies to avoid constructor overhead (extremely hackish, I know). (cpchildren): Ditto. (pchildren): New define. (zombies): Ditto. (getsem): Use sec_user_nih to control semaphore inheritance/permission.
2002-02-19 05:58:44 +00:00
parent dda54ada03
commit cecb74ae47
7 changed files with 47 additions and 24 deletions
--- a/winsup/cygwin/security.h
+++ b/winsup/cygwin/security.h
@ -199,8 +199,20 @@ SECURITY_DESCRIPTOR *__stdcall get_null_sd (void);

 /* Various types of security attributes for use in Create* functions. */
 extern SECURITY_ATTRIBUTES sec_none, sec_none_nih, sec_all, sec_all_nih;
-extern SECURITY_ATTRIBUTES *__stdcall sec_user (PVOID sa_buf, PSID sid2 = NULL, BOOL inherit = TRUE);
-extern SECURITY_ATTRIBUTES *__stdcall sec_user_nih (PVOID sa_buf, PSID sid2 = NULL);
+extern SECURITY_ATTRIBUTES *__stdcall __sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
+  __attribute__ ((regparm (3)));

 int __stdcall NTReadEA (const char *file, const char *attrname, char *buf, int len);
 BOOL __stdcall NTWriteEA (const char *file, const char *attrname, const char *buf, int len);
+
+extern inline SECURITY_ATTRIBUTES *
+sec_user_nih (char sa_buf[], PSID sid = NULL)
+{
+  return allow_ntsec ? __sec_user (sa_buf, sid, FALSE) : &sec_none_nih;
+}
+
+extern inline SECURITY_ATTRIBUTES *
+sec_user (char sa_buf[], PSID sid = NULL)
+{
+  return allow_ntsec ? __sec_user (sa_buf, sid, TRUE) : &sec_none_nih;
+}