JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

* security.cc (get_group_sidlist): Add pw argument and use pw->pw_name in call

Browse Source 
to get_supplementary_group_sidlist.
(create_token): Add pw argument and use it in call to get_group_sidlist.
* security.h: Add pw argument in declaration of create_token.
* syscalls.cc (seteuid32): Add pw argument in call to create_token.
This commit is contained in:
Christopher Faylor 2002-06-24 13:01:50 +00:00
parent 76093a9b7e
commit de0557f7a3
4 changed files with 18 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,12 @@
2002-06-23 Pierre Humblet <pierre.humblet@ieee.org>
* security.cc (get_group_sidlist): Add pw argument and use pw->pw_name
in call to get_supplementary_group_sidlist.
(create_token): Add pw argument and use it in call to
get_group_sidlist.
* security.h: Add pw argument in declaration of create_token.
* syscalls.cc (seteuid32): Add pw argument in call to create_token.
2002-06-23 Conrad Scott <conrad.scott@dsl.pipex.com>
* fhandler.cc (fhandler_base::fstat): Set S_IFIFO for pipes.

12
winsup/cygwin/security.cc
View File

@ -482,7 +482,7 @@ get_supplementary_group_sidlist (const char *username, cygsidlist &grp_list)
static BOOL
get_group_sidlist (cygsidlist &grp_list,
cygsid &usersid, cygsid &pgrpsid,
cygsid &usersid, cygsid &pgrpsid, struct passwd * pw,
PTOKEN_GROUPS my_grps, LUID auth_luid, int &auth_pos,
BOOL * special_pgrp)
{
@ -554,7 +554,7 @@ get_group_sidlist (cygsidlist &grp_list,
get_user_primary_group (wserver, user, usersid, pgrpsid);
}
else * special_pgrp = TRUE;
if (get_supplementary_group_sidlist (user, sup_list))
if (pw->pw_name && get_supplementary_group_sidlist (pw->pw_name, sup_list))
{
for (int i = 0; i < sup_list.count; ++i)
if (!grp_list.contains (sup_list.sids[i]))
@ -734,7 +734,7 @@ verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern)
}
HANDLE
create_token (cygsid &usersid, cygsid &pgrpsid)
create_token (cygsid &usersid, cygsid &pgrpsid, struct passwd * pw)
{
NTSTATUS ret;
LSA_HANDLE lsa = INVALID_HANDLE_VALUE;
@ -818,7 +818,7 @@ create_token (cygsid &usersid, cygsid &pgrpsid)
/* Create list of groups, the user is member in. */
int auth_pos;
if (!get_group_sidlist (grpsids, usersid, pgrpsid,
if (!get_group_sidlist (grpsids, usersid, pgrpsid, pw,
my_grps, auth_luid, auth_pos, &special_pgrp))
goto out;
@ -1379,13 +1379,13 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
/* Otherwise retrieve user data from /etc/passwd */
struct passwd *pw = getpwuid32 (uid);
if (!pw)
{
{
debug_printf ("no /etc/passwd entry for %d", uid);
set_errno (EINVAL);
return NULL;
}
else if (!owner_sid.getfrompw (pw))
{
{
debug_printf ("no SID for user %d", uid);
set_errno (EINVAL);
return NULL;

4
winsup/cygwin/security.h
View File

@ -180,7 +180,7 @@ void set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa,
/* Try a subauthentication. */
HANDLE subauth (struct passwd *pw);
/* Try creating a token directly. */
HANDLE create_token (cygsid &usersid, cygsid &pgrpsid);
HANDLE create_token (cygsid &usersid, cygsid &pgrpsid, struct passwd * pw);
/* Verify an existing token */
BOOL verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern = NULL);
@ -206,7 +206,7 @@ extern BOOL sec_acl (PACL acl, BOOL admins, PSID sid1 = NO_SID, PSID sid2 = NO_S
int __stdcall NTReadEA (const char *file, const char *attrname, char *buf, int len);
BOOL __stdcall NTWriteEA (const char *file, const char *attrname, const char *buf, int len);
PSECURITY_DESCRIPTOR alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
PSECURITY_DESCRIPTOR sd_ret, DWORD *sd_size_ret);
PSECURITY_DESCRIPTOR sd_ret, DWORD *sd_size_ret);
extern inline SECURITY_ATTRIBUTES *
sec_user_nih (char sa_buf[], PSID sid = NULL)

2
winsup/cygwin/syscalls.cc
View File

@ -2043,7 +2043,7 @@ seteuid32 (__uid32_t uid)
{
/* If no impersonation token is available, try to
authenticate using NtCreateToken() or subauthentication. */
cygheap->user.token = create_token (usersid, pgrpsid);
cygheap->user.token = create_token (usersid, pgrpsid, pw_new);
if (cygheap->user.token != INVALID_HANDLE_VALUE)
explicitly_created_token = TRUE;
else