* cygheap.h (class cygheap_user): Use INVALID_HANDLE_VALUE as invalid

value for tokens.
	* syscalls.cc (seteuid32): Ditto.  Set new_token to process token if
	process token is suitable.
	* uinfo.cc (uinfo_init): Initialize tokens in cygheap user info
	to INVALID_HANDLE_VALUE.

	* cygheap.h (enum impersonation): Delete.
	(cygheap_user::impersonation_state): Delete.
	(cygheap_user::current_token): New.
	(cygheap_user::issetuid): Modify to use current_token.
	(cygheap_user::token): Ditto.
	(cygheap_user::deimpersonate): Ditto.
	(cygheap_user::reimpersonate): Ditto.
	(cygheap_user::has_impersonation_tokens): Ditto.
	(cygheap_user::close_impersonation_tokens): Ditto.
	* security.cc (cygwin_set_impersonation_token): Always set the token.
	(verify_token): Change type of gsid to cygpsid.
	(get_file_attribute): Use the effective ids.
	* syscalls.cc (seteuid32): Modify to use cygheap_user::current_token.
	* uinfo.cc (uinfo_init) Do not set cygheap->user.impersonation_state.
This commit is contained in:
Corinna Vinschen
2003-07-14 17:04:21 +00:00
parent 9ff631a70c
commit ea3ba11499
5 changed files with 106 additions and 115 deletions

View File

@ -69,17 +69,8 @@ extern "C" void
cygwin_set_impersonation_token (const HANDLE hToken)
{
debug_printf ("set_impersonation_token (%d)", hToken);
if (cygheap->user.impersonation_state == IMP_EXTERNAL
&& cygheap->user.external_token != hToken)
{
set_errno (EPERM);
return;
}
else
{
cygheap->user.external_token = hToken;
return;
}
cygheap->user.external_token = hToken;
return;
}
void
@ -741,13 +732,13 @@ verify_token (HANDLE token, cygsid &usersid, user_groups &groups, BOOL *pintern)
if (intern && !groups.issetgroups ())
{
char sd_buf[MAX_SID_LEN + sizeof (SECURITY_DESCRIPTOR)];
PSID gsid = NO_SID;
cygpsid gsid (NO_SID);
if (!GetKernelObjectSecurity (token, GROUP_SECURITY_INFORMATION,
(PSECURITY_DESCRIPTOR) sd_buf,
sizeof sd_buf, &size))
debug_printf ("GetKernelObjectSecurity(): %E");
else if (!GetSecurityDescriptorGroup ((PSECURITY_DESCRIPTOR) sd_buf,
&gsid, (BOOL *) &size))
(PSID *) &gsid, (BOOL *) &size))
debug_printf ("GetSecurityDescriptorGroup(): %E");
if (well_known_null_sid != gsid)
return gsid == groups.pgsid;
@ -1414,9 +1405,9 @@ get_file_attribute (int use_ntsec, const char *file,
}
if (uidret)
*uidret = getuid32 ();
*uidret = myself->uid;
if (gidret)
*gidret = getgid32 ();
*gidret = myself->gid;
if (!attribute)
return 0;