diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2004-04-16 21:22:13 +0000 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2004-04-16 21:22:13 +0000 |
| commit | e859706578ba60d3fcc011dd0e5d77b10342ae3f (patch) | |
| tree | f0389a758d5de16c41d4275ae53d040e09ede040 /winsup/cygwin/security.cc | |
| parent | e2c248c18bcfa7ceed603f92bc8085c7e1bd10b0 (diff) | |
| download | cygnal-e859706578ba60d3fcc011dd0e5d77b10342ae3f.tar.gz cygnal-e859706578ba60d3fcc011dd0e5d77b10342ae3f.tar.bz2 cygnal-e859706578ba60d3fcc011dd0e5d77b10342ae3f.zip | |
* autoload.cc (NtCreateFile): Add.
* dir.cc (mkdir): Change set_file_attribute call to indicate that
NT security isn't used.
* fhandler.cc (fhandler_base::open_9x): New method, created from
fhandler_base::open.
(fhandler_base::open): Rearrange to use NtCreateFile instead of
CreateFile.
* fhandler.h (enum query_state): Redefine query_null_access to
query_stat_control. query_null_access isn't allowed in NtCreateFile.
(fhandler_base::open_9x): Declare.
* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
query_stat_control first, query_read_control if that fails.
(fhandler_disk_file::fchmod): Call enable_restore_privilege before
trying to open for query_write_control. Don't fall back to
opening for query_read_control.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::facl): Only request restore privilege and query
access necessary for given cmd.
* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
instead of opening device here.
* ntdll.h (NtCreateFile): Declare.
* path.cc (symlink_worker): Change set_file_attribute call to indicate
that NT security isn't used.
* sec_acl.cc (getacl): Fix bracketing.
* sec_helper.cc (enable_restore_privilege): New function.
* security.cc (str2buf2uni_cat): New function.
(write_sd): Don't request restore permission here.
* security.h (set_process_privileges): Drop stale declaration.
(str2buf2uni): Declare.
(str2buf2uni_cat): Declare.
(enable_restore_privilege): Declare.
* syscalls.cc (fchown32): Return immediate success on 9x.
Diffstat (limited to 'winsup/cygwin/security.cc')
| -rw-r--r-- | winsup/cygwin/security.cc | 41 |
1 files changed, 11 insertions, 30 deletions
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 239505128..29dd0a056 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -165,6 +165,16 @@ str2buf2uni (UNICODE_STRING &tgt, WCHAR *buf, const char *srcstr) sys_mbstowcs (buf, srcstr, tgt.MaximumLength); } +void +str2buf2uni_cat (UNICODE_STRING &tgt, const char *srcstr) +{ + DWORD len = strlen (srcstr) * sizeof (WCHAR); + sys_mbstowcs (tgt.Buffer + tgt.Length / sizeof (WCHAR), srcstr, + len + tgt.MaximumLength); + tgt.Length += len; + tgt.MaximumLength += len; +} + #if 0 /* unused */ static void lsa2wchar (WCHAR *tgt, LSA_UNICODE_STRING &src, int size) @@ -1119,38 +1129,9 @@ read_sd (const char *file, security_descriptor &sd) LONG write_sd (HANDLE fh, const char *file, security_descriptor &sd) { - /* Try turning privilege on, may not have WRITE_OWNER or WRITE_DAC access. - Must have privilege to set different owner, else BackupWrite misbehaves */ - static int NO_COPY saved_res; /* 0: never, 1: failed, 2 & 3: OK */ - int res; - if (!saved_res || cygheap->user.issetuid ()) - { - res = 2 + set_process_privilege (SE_RESTORE_NAME, true, - cygheap->user.issetuid ()); - if (!cygheap->user.issetuid ()) - saved_res = res; - } - else - res = saved_res; - if (res == 1) - { - BOOL dummy; - cygpsid owner; - - if (!GetSecurityDescriptorOwner (sd, (PSID *) &owner, &dummy)) - { - __seterrno (); - return -1; - } - if (owner != cygheap->user.sid ()) - { - set_errno (EPERM); - return -1; - } - } NTSTATUS ret = STATUS_SUCCESS; int retry = 0; - res = -1; + int res = -1; for (; retry < 2; ++retry) { if (retry && (fh = CreateFile (file, WRITE_OWNER | WRITE_DAC, |