* syscalls.cc (seteuid): Unset environment variables HOMEDRIVE and
HOMEPATH before calling internal_getlogin().
* uinfo.cc (internal_getlogin): Use default HOMEPATH and HOMEDRIVE
from environment if both are present, else query NetUserGetInfo().
operators to simplify testing for directory and attributes, throughout.
* path.h (path_conv::exists): New method.
(path_conv::has_attribute): Ditto.
(path_conv::isdir): Ditto.
(path_conv::DWORD &): New operator.
(path_conv::int &): Ditto.
* dir.cc (rmdir): Eliminate a goto.
* dtable.cc (dtable::build_fhandler): Accept opt and suffix info for
path_conv.check. Return fh == NULL on path_conv error. Pass unit to set_name
as appropriate.
(dtable::reset_unix_path_name): New method.
* dtable.h (dtable): Declare new method. Reflect arg changes to
build_fhandler.
* fhandler.cc (fhandler_disk_dummy_name): Eliminate.
(fhandler_base::set_name): Expect paths to be NULL. Build unix_path_name from
win32_path_name when it is a device.
(fhandler_base::reset_unix_path_name): New method.
(fhandler_base::raw_read): Report EISDIR when ERROR_INVALID_FUNCTION or
ERROR_INVALID_PARAMETER and reading a directory.
(fhandler_disk_file::fstat): Don't call stat_dev since we should now never be
calling fhandler_disk_file methods with devices.
(fhandler_base::fhandler_base): Clear {unix,win32}_path_name.
(fhandler_base::~fhandler_base): Always free {unix,win32}_path_name.
(fhandler_disk_file::fhandler_disk_file): Remove set_no_free_names kludge.
(fhandler_disk_file::open): Ditto.
* fhandler.h (fhandler_base::no_free_names): Eliminate.
(fhandler_base::set_no_free_names): Ditto.
* fhandler_tty.cc (fhandler_tty_slave::fhandler_tty_slave): Don't set
unix_path_name here.
* path.cc (fchdir): Lock fd table throughout. Use new
dtable::reset_unix_path_name method to reset path.
* syscalls.cc (stat_worker): Reorganize to always call fstat method. Pass
path_conv method to fhandler_*::open.
(chroot): Elminate a goto.
* dcrt0.cc (set_os_type): Set 'iswinnt' appropriately.
* cygheap.cc (init_cheap): Revert to using VirtualAlloc for allocating cygheap.
(cygheap_setup_for_child_cleanup): New function. Standard function to call
after calling CreateProcess to cleanup cygheap info passed to child.
(cygheap_fixup_in_child): Copy cygheap from shared memory into allocated space
under Windows 9x or if can't relocate shared space under NT.
* cygheap.h: Declare new function.
* spawn.cc (spawn_guts): Use cygheap_fixup_in_child.
* fork.cc (fork_parent): Ditto.
* winsup.h: Declare iswinnt.
fhandler.h.
* fhandler.h (fhandler_base::get_inheritance): New method.
* fhandler_socket.cc (fhandler_socket::create_secret_event): Use proper
close-on-exec inheritance when creating.
(fhandler_socket::check_peer_secret_event): Create handle as non-inheritable.
* path.cc (chdir): Guard against invalid parameter.
(fchdir): New function.
* include/cygwin/version.h: Bump API minor version to 40.
* uinfo.cc (internal_getlogin): Remove unused variable.
USERDOMAIN before impersonation to workaround a LookupAccountSid()
misbehaviour.
* uinfo.cc (internal_getlogin): Revert most of the previous change.
Don't set environment variables USERNAME and USERDOMAIN. That's
the job of seteuid() now. Try to get logon server from Lsa
only if logon server isn't already known.
(cygsid::getfromgr): Ditto.
* security.cc: Use `sys_mbstowcs' and `sys_wcstombs' throughout.
(extract_nt_dom_user): Try to get user and domain from SID in
pw->pw_gecos first.
* security.h (class cygsid): Change parameter of getfrompw() and
getfromgr() to `const'.
* uinfo.cc (internal_getlogin): Change order for evaluating user
information in winNT case. Drop usage of NetWkstaUserGetInfo().
`LsaClose', `LsaEnumerateAccountRights', `LsaFreeMemory',
`LsaOpenPolicy', `LsaQueryInformationPolicy', `NetLocalGroupEnum',
`NetLocalGroupGetMembers', `NetServerEnum', `NetUserGetGroups' and
`NtCreateToken'.
* ntdll.h: Add declaration for `NtCreateToken'.
* sec_helper.cc: Add `well_known_local_sid', `well_known_dialup_sid',
`well_known_network_sid', `well_known_batch_sid',
`well_known_interactive_sid', `well_known_service_sid' and
`well_known_authenticated_users_sid'.
(cygsid::string): Define as const method.
(cygsid::get_sid): Set psid to NO_SID on error.
(cygsid::getfromstr): Ditto.
(cygsid::getfrompw): Simplify.
(cygsid::getfromgr): Check for gr == NULL.
(legal_sid_type): Move to security.h.
(set_process_privilege): Return -1 on error, otherwise 0 or 1 related
to previous privilege setting.
* security.cc (extract_nt_dom_user): Remove `static'.
(lsa2wchar): New function.
(open_local_policy): Ditto.
(close_local_policy): Ditto.
(get_lsa_srv_inf): Ditto.
(get_logon_server): Ditto.
(get_logon_server_and_user_domain): Ditto.
(get_user_groups): Ditto.
(is_group_member): Ditto.
(get_user_local_groups): Ditto.
(sid_in_token_groups): Ditto.
(get_user_primary_group): Ditto.
(get_group_sidlist): Ditto.
(get_system_priv_list): Ditto.
(get_priv_list): Ditto.
(get_dacl): Ditto.
(create_token): Ditto.
(subauth): Return immediately if SE_TCB_NAME can't be assigned.
Change all return statements in case of error to jumps to `out'
label. Add `out' label to support cleanup.
* security.h: Add extern declarations for `well_known_local_sid',
`well_known_dialup_sid', `well_known_network_sid',
`well_known_batch_sid', `well_known_interactive_sid',
`well_known_service_sid' and `well_known_authenticated_users_sid'.
Add extern declarations for functions `create_token',
`extract_nt_dom_user' and `get_logon_server_and_user_domain'.
(class cygsid): Add method `assign'. Change operator= to call new
`assign' method. Add `debug_print' method.
(class cygsidlist): New class.
(legal_sid_type): Moved from sec_helper.cc to here.
* spawn.cc (spawn_guts) Revert reversion of previous patch.
Call `RevertToSelf' and `ImpersonateLoggedOnUser' instead of `seteuid'
again.
* syscalls.cc (seteuid): Rearranged. Call `create_token' now when
needed. Call `subauth' if `create_token' fails. Try setting token
owner and primary group only if token was not explicitely created
by `create_token'.
* uinfo.cc (internal_getlogin): Try harder to generate correct user
information. Especially don't trust return value of `GetUserName'.
* security.h: New define `NO_SID'. Remove declarations of functions
moved to methods into class cygsid.
(class cygsid): Declare new methods `getfromstr', `get_sid',
`getfrompw', `getfromgr', `get_rid', `get_uid', `get_gid', `string'
and new constructors and operators =, == and !=.
Declare new global cygsids `well_known_XXX_sid' substituting the
corresponding `get_XXX_sid' functions. Remove declarations of
these functions.
* sec_helper.cc (well_known_admin_sid): New global variable.
(well_known_system_sid): Ditto
(well_known_creator_owner_sid): Ditto
(well_known_world_sid): Ditto
(cygsid::string): New method, substituting `convert_sid_to_string_sid'.
(cygsid::get_sid): New method, substituting `get_sid'.
(cygsid::getfromstr): New method, substituting
`convert_string_sid_to_sid'.
(cygsid::getfrompw): New method, substituting `get_pw_sid'.
(cygsid::getfromgr): New method, substituting `get_gr_sid'.
(cygsid::get_id): New method, substituting `get_id_from_sid'.
(get_admin_sid): Eliminated.
(get_system_sid): Ditto.
(get_creator_owner_sid): Ditto.
(get_world_sid): Ditto.
* grp.cc: Use new cygsid methods and well known sids throughout.
* registry.cc: Ditto.
* sec_acl.cc: Ditto.
* security.cc: Ditto.
* shared.cc: Ditto.
* syscalls.cc (seteuid): Ditto. Eliminate redundant conditional.
* uinfo.cc (internal_getlogin): Ditto.
* spawn.cc (spawn_guts) Revert previous patch.
(read_etc_group): Substitute MAX_DOMAIN_NAME by
INTERNET_MAX_HOST_NAME_LENGTH.
* passwd.cc (parse_pwd): Don't force pw_name to be lower case.
* sec_helper.cc: Substitute MAX_USER_NAME by UNLEN,
MAX_COMPUTERNAME_LENGTH by INTERNET_MAX_HOST_NAME_LENGTH throughout.
(lookup_name): Slight cleanup.
* security.cc (alloc_sd): Substitute MAX_USER_NAME by UNLEN.
* security.h: Define DEFAULT_UID as DOMAIN_USER_RID_ADMIN and
DEFAULT_GID as DOMAIN_ALIAS_RID_ADMINS.
* shared.cc (memory_init): Substitute MAX_USER_NAME by UNLEN.
* thread.h: Ditto.
* uinfo.cc (internal_getlogin): Substitute MAX_USER_NAME by UNLEN.
Substitute MAX_COMPUTERNAME_LENGTH and MAX_HOST_NAME by
INTERNET_MAX_HOST_NAME_LENGTH.
* winsup.h: Include lmcons.h. Eliminate MAX_USER_NAME and
MAX_HOST_NAME. Move DEFAULT_UID and DEFAULT_GID to security.h.
* cygheap.cc: Include security.h.
* grp.cc (internal_getgrent): New function.
(getgroups): Rearranged using `internal_getgrent' and the new
`cygsid' class.
* passwd.cc (internal_getpwent): New function.
* sec_acl.cc: Use new `cygsid' class throughout.
(acl_access): Use `internal_getgrent' instead of `getgrent'.
* sec_helper.cc: Use new `cygsid' class throughout.
(get_id_from_sid): Use `internal_getgrent' instead of `getgrent'.
Use `internal_getpwent' instead of `getpwent'.
* security.cc: Use new `cygsid' class throughout.
* security.h: Move `MAX_SID_LEN' from winsup.h to here.
Add extern declarations for `internal_getgrent' and `internal_getpwent'.
(class cygsid): New class.
* shared.cc (sec_user): Use new `cygsid' class.
* syscalls.cc (seteuid): Try to set owner to user and primary group to
current group in impersonation token before performing impersonation.
(setegid): Try to set primary group in process token to the new group
if ntsec is on.
* uinfo.cc (internal_getlogin): Use new `cygsid' class.
Try to set owner to user and primary group to current group in process
token if the process has been started from a non cygwin process.
(uinfo_init): Set primary group only if the process has been started
from a non cygwin process.
* winsup.h: Move define for `MAX_SID_LEN' to security.h.
* child_info.h (child_info): Move shared_h, console_h to cygheap. Add mount_h.
* cygheap.h (init_cygheap): Add shared_h, console_h.
* cygheap.cc (init_cheap): Initialize heap at a fixed location after the shared
memory regions. Initialize cygheap->user name here.
* dcrt0.cc (dll_crt0_1): Call getpagesize () to initialize constants. Remove
cygheap_init since it is done in shared_init now.
(_dll_crt0): Initialize mount_h, remove shared_h and console_h initialization.
* fhandler_console.cc (console_shared_h): Eliminate.
(get_tty_stuff): Use cygheap->console_h rather than console_shared_h.
* heap.cc (heap_init): Use page size constant calculated earlier in
initialization.
* shared.cc: Eliminate cygwin_shared_h. Add cygwin_mount_h.
(mount_table_init): New function for initializing a user mount table.
(open_shared_file_map): Use constant for shared memory region. Initialize
cygheap and mount table here.
(open_shared): Improve debugging output.
(shared_info::initialize): Eliminate call to mount.init.
(shared_terminate): Use cygheap->shared_h. Close cygwin_mount_h.
(open_shared_file_map): Eliminate.
* shared_info.h (mount_info): Add a version field.
(shared_align_past): New macro for calculating location for shared memory
regions.
* sigproc.cc (init_child_info): Eliminate shared_h, console_h.
* spawn.cc (spawn_guts): Pass on cygwin_mount_h iff not a different user.
* syscalls.cc (system_info): New global holding system memory defaults.
(getpagesize): Use system_info.
* uinfo.cc (internal_getlogin): Only fill in user name if nonexistent.
* winsup.h: Declare system_info.
* passwd.cc (read_etc_passwd): Use cygheap->user.name () rather than retrieving
the name again.
(cygheap_root::~cygheap_root): Ditto.
(cygheap_root::operator=): Ditto.
(cygheap_user::~cygheap_user): Ditto.
(cygheap_user::set_name): Ditto.
(cygheap_user::set_logsrv): Ditto.
(cygheap_user::set_domain): Ditto.
(cygheap_user::set_sid): Ditto.
* cygheap.h (cygheap_root): New class.
(cygheap_user): Ditto.
(init_cygheap): Change type of `root' member to cygheap_root.
Add `user' member.
* dir.cc (opendir): Use new `cygheap_root' class.
* dcrt0.cc (dll_crt0_1): Use new `cygheap_user' class.
* fork.cc (fork_parent): Ditto.
* grp.cc (getgroups): Ditto.
* passwd.cc (search_for): Ditto.
* path.cc: Use new `cygheap_root' class throughout.
* pinfo.h (_pinfo): Remove `use_psid'. Move `username', `psid',
`logsrv', `domain', `orig_{uid,gid}' and `real_{uid,gid}' to
cygheap_user class.
* security.cc: Use new `cygheap_user' class throughout.
* shared.cc (sec_user): Ditto.
* sigproc.cc (proc_subproc): Remove copy statements for user
related information moved to `cygheap_user' class.
* spawn.cc (spawn_guts): Invalidate current chroot settings
when creating Windows environment. Use new `cygheap_user' class.
* syscalls.cc: Use new `cygheap_user' class throughout.
* uinfo.cc: Ditto.
* uinfo.cc (internal_getlogin): Change parameters to reflect the
move of user information to cygheap.
* dcrt0.cc (dll_crt0_1): Call signal_fixup_after_exec where appropriate. Set
myself->uid from parent version. Just use ThreadItem Init method. Close or
store hexec_proc as appropriate.
(_dll_crt0): Store user_data->forkee here so that proper tests can be made
subsequently.
(do_exit): Remove hExeced stuff.
* environ.cc (environ_init): Accept environ count as well as environ pointer.
* environ.h: Reflect above change.
* pinfo.cc (pinfo_init): Ditto. Accept environ count.
(fixup_in_spawned_child): Remove.
* spawn.cc (spawn_guts): Move signal code to dll_crt0_1. Don't suspend execing
process since it is no longer necessary. Store envc.
* exceptions.cc (signal_fixup_after_exec): New function.
(call_handler): Remove hExeced test.
* child_info.h (cygheap_exec_info): Store envc as well as envp.
(child_info_spawn): Store hexec_proc so that it can be closed in child.
* path.cc (normalize_posix_path): Avoid intermediate use of temporary cwd buf.
(normalize_win32_path): Ditto.
(cwdstuff::get_initial): Always set lock.
* sigproc.h: Remove hExeced.
* strace.cc (strace::vsprntf): Modify to accomodate for lack of hExeced.
* thread.cc (MTinterface::Init): Merge Init1 and ClearReent into this method.
(MTinterface::Init1): Eliminate.
(MTinterface::ClearReent): Eliminate.
* thread.h: Reflect above changes.
* include/sys/strace.h (strace): Make microseconds() public. Make various
functions 'regparm', throughout.
* pinfo.h (_pinfo): Inline simple signal manipulation functions. Requires
inclusion of thread.h which was removed from .cc files, where appropriate.
throughout.
* pinfo.cc: Eliminate signal manipulation functions.
(_pinfo::exit): Calculate total rusage for exiting process here.
* cygheap.cc (size2bucket): Eliminate.
(init_buckets): Ditto.
(_cmalloc): Calculate size and bits in a loop rather than going through a
function call.
(_crealloc): Use stored array index to calculate allocated size.
* spawn.cc (spawn_guts): Use _pinfo exit method to exit, calculating cpu usage.
throughout.
* shared.h: Remove.
* cygwin_version.h: New file.
* delqueue.h: New file.
* environ.h: New file.
* host_dependent.h: New file.
* perprocess.h: New file.
* registry.h: New file.
* security.h: New file.
* child_info.h: Add specific exec class.
* cygheap.h: New file. Contains declarations for cygwin heap.
* cygheap.cc: New file. Implements cygwin heap functions.
* dcrt0.cc (quoted): Simplify due to new method for passing arguments between
cygwin programs.
(alloc_stack_hard_way): Attempt to handle overlapped stack.
(dll_crt0_1): Move child_info processing here. Accomodate new method for
passing arguments between cygwin programs. Initialize cygwin heap. Establish
__argc and __argv variables.
(_dll_crt0): Move most of child_info processing to dll_crt0_1.
(cygwin_dll_init): Remove duplication.
* dtable.cc (dtable::extend): Allocate dtable using cygwin heap.
(dtable::build_fhandler): Ditto for fhandler type being constructed.
(dtable::dup_worker): Free new fhandler from cygwin heap on error.
(dtable::select_*): Don't assume that this == fdtab.
(dtable::linearize_fd_array): Delete.
(dtable::delinearize_fd_array): Delete.
(dtable::fixup_after_exec): New file.
(dtable::vfork_child_dup): Use cygwin heap.
(dtable::vfork_parent_restore): Ditto.
* dtable.h: Remove obsolete methods. Add new method.
* environ.cc (posify): Eliminate already_posix parameter and logic.
(envsize): New function.
(_addenv): Use envsize.
(environ_init): Accept an argument pointing to an existing environment list.
If supplied, allocate space for this in the the program's heap.
* fhandler.cc (fhandler_base::operator =): Move here from fhandler.h. Use
cygwin heap to allocate filenames.
(fhandler_base::set_name): Allocate/free names from cygwin heap.
(fhandler_base::linearize): Delete.
(fhandler_base::de_linearize): Delete.
(fhandler_base::operator delete): Free from cygwin heap.
(fhandler_base::~fhandler_base): Ditto.
* fhandler.h: Accomodate elimination of *linearize and other changes above.
* fhandler_console.cc (fhandler_console::fixup_after_exec): Rename from
de_linearize.
* heap.h: New file.
* fhandler_tty.cc (fhandler_tty_slave::fhandler_tty_slave): Use cygwin heap for
name. fhandler_tty::fixup_after_exec): Rename from de_linearize.
* fork.cc (fork): Call cygheap_fixup_in_child.
* heap.cc: Use declarations in heap.h.
* malloc.cc: Sprinkle assertions throughout to catch attempts to free/realloc
something from the cygwin heap.
* path.cc: Throughout, eliminate use of per-thread cache for cwd. Use cwd_*
functions rather than cwd_* variables to access cwd_win32 and cwd_posix.
(cwd_win32): New function.
(cwd_posix): New function.
(cwd_hash): New function.
(cwd_fixup_after_exec): New function.
* path.h: Accomodate path.cc changes.
* pinfo.cc (pinfo_init): Accept a pointer to an environment table. Pass this
to environ_init. Eliminate old 'title' tests.
* pinfo.h: Accomodate above change in argument.
* spawn.cc (struct av): New method for building argv list.
(av::unshift): New method.
(spawn_guts): Allocate everything that the child process needs in the cygwin
heap and pass a pointer to this to the child. Build argv list using new
method. Eliminate delinearize stuff.
* thread.h: Eliminate _cwd_win32 and _cwd_posix buffers.
* winsup.h: Eliminate obsolete functions. Add envsize() declaration.
(cygwin_select): Move fd_set copying logic from ::wait to here. Use common
return through sell.poll.
(select_stuff::wait): Just return success or failure and let caller fill in
fd_set.
* pinfo.h (pinfo): Eliminate self-referential pointer to sidbuf since pinfo
structure exists at random locations now.
* fork.cc (fork): Use 'use_psid' element to control when the psid is relevant.
* shared.cc (sec_user): Ditto.
* spawn.cc (spawn_guts): Ditto.
* uinfo.cc (internal_getlogin): Ditto.
* syscall.cc (seteuid): Ditto. Set use_psid element.
* *.cc: put winsup.h before other headers (for __INSIDE_CYGWIN__);
use cur_environ() instead of just environ
* times.cc: remove import protections
* glob.c: add winsup.h
* localtime.c: ditto
* smallprint.c: ditto
* Makefile.in: don't __INSIDE_CYGWIN__ as it messes up profiling.
the changes below. Redefine process structure to avoid a fixed size table.
Redefine pinfo/_pinfo classes. Use these throughout.
* dcrt0.cc (dll_crt0_1): Accomodate set_myself argument change.
(__api_fatal): Accomodate _pinfo::record_death argument change.
* exceptions.cc (really_exit): Ditto.
(sig_handle_tty_stop): Use pinfo constructor to access process info.
(events_init): Don't create pinfo_mutex since it is no longer required.
* external.cc (fillout_pinfo): Use winpids class to iterate over all system
pids.
(cygwin_internal): lock_pinfo_for_update and unlock_pinfo are now noops.
* fhandler_termios.cc (fhandler_termios::set_ctty): Use pinfo constructor to
access process info.
* fork.cc (fork): Reorganize to initialize child info after the child has
started since that is when we know the child's winpid, which is necessary to
allocate the pinfo shared memory.
* mmap.cc (recreate_mmaps_after_fork): Change arg type to _pinfo.
* pinfo.cc: Rename pinfo methods to _pinfo throughout. Eliminate pinfo_list
stuff.
(set_myself): Accept a pid argument now. Call pinfo initializer to initialize
myself. Detect when this is an "execed" process and create an "indirect" pid
block.
(pinfo_init): Accomodate set_myself arg change.
(procinfo): Remove.
(pinfo::lock_pinfo): Remove.
(pinfo::unlock_pinfo): Remove.
(pinfo::init): New method. Allocates shared memory space for process pinfo
structure.
(pinfo::record_death): Don't call locking functions.
(cygwin_winpid_to_pid): Simplify by using new pinfo constructor.
(EnumProcessesW95): New function for iterating over processes on Windows 95.
(winpids::winpids): New constructor for winpids class. Sets up a list of
process ids.
(enum_init): Initialize w95/wnt pid enumerators.
* shared.cc (shared-info::initialize): Remove pid initialization.
* shared.h: Move pinfo stuff into pinfo.h.
(class shared_info): Remove pinfo_list element.
* signal.cc (kill_worker): Use pinfo constructor to access process info.
(kill_pgrp): Ditto. Use winpids methods to access list of processes.
* sigproc.cc: Throughout, modify to use _pinfo where appropriate.
(proc_exists (pid_t)): New function. Determines if a process exists based on
the pid.
(proc_exists (_pinfo *p): Use new proc_exists function above.
(proc_subproc): Copy pinfo stuff around rather than _pinfo pointers. Try to be
careful about releasing shared memory when we don't need it anymore. Remove
pinfo locks.
(remove_zombies): Remove pinfo memory when zombie is going away.
* sigproc.h: Reflect _pinfo/pinfo changes in sigproc.cc.
* spawn.cc (spawn_guts): Eliminate pinfo *child argument. Reorganize to only
initialize child pinfo after process has been started and we know the windows
pid.
(_spawnve): Reflect spawn_guts changes.
* syscalls.cc (setpgid): Use pinfo constructor to access process info.
(getpgid): Ditto.
(internal_getlogin): Use _pinfo.
* winsup.h: Eliminate pinfo_mutex. Eliminate spawn_guts declaration since it
is static now. Reflect set_myself argument change.
* include/sys/cygwin.h: Add some PID_* enums to accomodate new pinfo stuff.
* include/cygwin/version.h: Update minor version for cygdrive changes below.
* winsup.h: Add new macros sys_wcstombs and sys_mbstowcs.
* syscalls.cc (_link): Replace calls to mbstowcs by call to
sys_mbstowcs.
* uinfo.cc (internal_getlogin): Replace calls to wcstombs and
mbstowcs by calls to sys_wcstombs and sys_mbstowcs. Replace
usage of constants by meaningful defines. Use result of
GetSystemDirectory for HOMEPATH and HOMEDRIVE as a last resort.
* fork.cc (fork): Use above defines instead of numerical constants.
* shared.cc (sec_user): Ditto.
* shared.h (class pinfo): Ditto.
* syscall.cc (seteuid): Ditto.
* spawn.cc (_spawnve): Ditto. Eliminate conditional.
(spawn_guts): Set child->uid = USHRT_MAX when user context will be
changed in child process.
* uinfo.cc (uinfo_init): Check for myself->uid instead of myself->psid
to avoid reloading of /etc/passwd on process startup if ntsec is off.
Use above defines instead of numerical constants.
* security.cc: Move define for MAX_SID_LEN to winsup.h.