* cygheap.cc (cygheap_init): Fix formatting. Remove comment. Set

shared_prefix depending only on terminal service capability.
	* dcrt0.cc (dll_crt0_1): Don't call set_cygwin_privileges here.
	* fhandler_fifo.cc (fhandler_fifo::open): Create the mutex as global
	object.
	* posix_ipc.cc (ipc_mutex_init): Use cygheap->shared_prefix.
	(ipc_cond_init): Ditto.
	* sec_helper.cc (privilege_name): Make static.  Use LookupPrivilegeName
	directly to be independent of the state of cygheap.
	(set_privilege): Take a LUID as parameter instead of an index value.
	Only print debug output in case of failure.
	(set_cygwin_privileges): Add comment.  Use LookupPrivilegeValue to
	get privilege LUIDs.
	(init_global_security): Call set_cygwin_privileges here.
	* security.h (privilege_name): Drop declaration.
	(set_privilege): Declare according to above change.
	(set_process_privilege): Call privilege_luid to get LUID.
	(_push_thread_privilege): Ditto.
	* shared.cc (open_shared): Add comment.  On systems supporting the
	SeCreateGlobalPrivilege, try to create/open global shared memory first.
	Fall back to local shared memory if that fails.
	* thread.cc (semaphore::semaphore): Use cygheap->shared_prefix.
	* wincap.h (wincapc::has_create_global_privilege): New element.
	* wincap.cc: Implement above element throughout.
This commit is contained in:
Corinna Vinschen
2007-03-29 16:37:36 +00:00
parent 519aec5d59
commit e6fbf13e48
11 changed files with 111 additions and 58 deletions

View File

@@ -153,7 +153,8 @@ cygheap_init ()
cygheap_protect.init ("cygheap_protect");
if (!cygheap)
{
cygheap = (init_cygheap *) memset (_cygheap_start, 0, _cygheap_mid - _cygheap_start);
cygheap = (init_cygheap *) memset (_cygheap_start, 0,
_cygheap_mid - _cygheap_start);
cygheap_max = cygheap;
_csbrk (sizeof (*cygheap));
}
@@ -162,35 +163,9 @@ cygheap_init ()
if (!cygheap->sigs)
sigalloc ();
/* TODO: This is plain wrong. There's a difference between global shared
memory and every other global object. It's still allowed to
create any global object from a process not having the
SE_CREATE_GLOBAL_NAME privilege. It's only disallowed to create
global shared memory objects when not running in session 0 or
when not having the privilege.
The end result should look like this:
- All objects shared between multiple processes except shared
memory should always be created as global objects.
- Shared memory only needed locally should stick to being session
local.
- Every process should always try to create resp. open shared
memory as global.
- Only if that fails it should try to create the shared memory
as local shared memory, or ...
- ... the MS suggested workaround is to create a file backed shared
memory if a process has not the privilege to create global shared
memory.
However, this has to be planned carefully, especially given that
every single process creates its own (resp. the child's) shared
memory area with the process specific information. */
if (!cygheap->shared_prefix)
cygheap->shared_prefix = cstrdup (
wincap.has_terminal_services ()
&& (set_privilege (hProcToken, SE_CREATE_GLOBAL_PRIV, true) >= 0
|| GetLastError () == ERROR_NO_SUCH_PRIVILEGE)
? "Global\\" : "");
wincap.has_terminal_services () ? "Global\\" : "");
}
/* Copyright (C) 1997, 2000 DJ Delorie */