summaryrefslogtreecommitdiffstats
path: root/winsup/cygwin/security.cc
diff options
context:
space:
mode:
authorCorinna Vinschen <corinna@vinschen.de>2004-04-14 10:20:26 +0000
committerCorinna Vinschen <corinna@vinschen.de>2004-04-14 10:20:26 +0000
commitf4ae6dc62cfb0cfac135d4e810fef592a401e26b (patch)
tree097e624c71735f25b1ec85fce0d456ba6f0eaa32 /winsup/cygwin/security.cc
parent93d66ddc2095c19a19df0f7d32cfda0560b3dfe6 (diff)
downloadcygnal-f4ae6dc62cfb0cfac135d4e810fef592a401e26b.tar.gz
cygnal-f4ae6dc62cfb0cfac135d4e810fef592a401e26b.tar.bz2
cygnal-f4ae6dc62cfb0cfac135d4e810fef592a401e26b.zip
* autoload.cc (NtSetSecurityObject): Add.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Only request READ_CONTROL rights when opening the file. * ntdll.h (NtSetSecurityObject): Add declaration. * security.cc (write_sd): Call NtSetSecurityObject instead of BackupWrite. (get_nt_object_security): Don't free security descriptor here. * syscalls.cc (ttyname): Use buffer of length TTY_NAME_MAX + 1. * sysconf.cc (sysconf): Handle _SC_TTY_NAME_MAX request. * include/limits.h: Define TTY_NAME_MAX and _POSIX_TTY_NAME_MAX.
Diffstat (limited to 'winsup/cygwin/security.cc')
-rw-r--r--winsup/cygwin/security.cc68
1 files changed, 18 insertions, 50 deletions
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index bbe409be4..c932c2441 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -1141,64 +1141,33 @@ write_sd (const char *file, security_descriptor &sd)
else
res = saved_res;
if (res == 1 && owner != cygheap->user.sid ())
- return -1;
-
- HANDLE fh;
- fh = CreateFile (file,
- WRITE_OWNER | WRITE_DAC,
- FILE_SHARE_READ | FILE_SHARE_WRITE,
- &sec_none_nih,
- OPEN_EXISTING,
- FILE_ATTRIBUTE_NORMAL | FILE_FLAG_BACKUP_SEMANTICS,
- NULL);
-
- if (fh == INVALID_HANDLE_VALUE)
{
- __seterrno ();
+ set_errno (EPERM);
return -1;
}
-
- LPVOID context = NULL;
- DWORD bytes_written = 0;
- WIN32_STREAM_ID header;
-
- memset (&header, 0, sizeof (header));
- /* write new security info header */
- header.dwStreamId = BACKUP_SECURITY_DATA;
- header.dwStreamAttributes = STREAM_CONTAINS_SECURITY;
- header.Size.HighPart = 0;
- header.Size.LowPart = sd.size ();
- header.dwStreamNameSize = 0;
- if (!BackupWrite (fh, (LPBYTE) &header,
- 3 * sizeof (DWORD) + sizeof (LARGE_INTEGER),
- &bytes_written, FALSE, TRUE, &context))
+ HANDLE fh;
+ if ((fh = CreateFile (file,
+ WRITE_OWNER | WRITE_DAC,
+ FILE_SHARE_READ | FILE_SHARE_WRITE,
+ &sec_none_nih,
+ OPEN_EXISTING,
+ FILE_ATTRIBUTE_NORMAL | FILE_FLAG_BACKUP_SEMANTICS,
+ NULL)) == INVALID_HANDLE_VALUE)
{
__seterrno ();
- CloseHandle (fh);
return -1;
}
-
- /* write new security descriptor */
- if (!BackupWrite (fh, (LPBYTE) (PSECURITY_DESCRIPTOR) sd,
- header.Size.LowPart + header.dwStreamNameSize,
- &bytes_written, FALSE, TRUE, &context))
+ NTSTATUS ret = NtSetSecurityObject (fh,
+ DACL_SECURITY_INFORMATION
+ | GROUP_SECURITY_INFORMATION
+ | OWNER_SECURITY_INFORMATION,
+ sd);
+ CloseHandle (fh);
+ if (ret != STATUS_SUCCESS)
{
- /* Samba returns ERROR_NOT_SUPPORTED.
- FAT returns ERROR_INVALID_SECURITY_DESCR.
- This shouldn't return as error, but better be ignored. */
- DWORD ret = GetLastError ();
- if (ret != ERROR_NOT_SUPPORTED && ret != ERROR_INVALID_SECURITY_DESCR)
- {
- __seterrno ();
- BackupWrite (fh, NULL, 0, &bytes_written, TRUE, TRUE, &context);
- CloseHandle (fh);
- return -1;
- }
+ __seterrno_from_win_error (RtlNtStatusToDosError (ret));
+ return -1;
}
-
- /* terminate the restore process */
- BackupWrite (fh, NULL, 0, &bytes_written, TRUE, TRUE, &context);
- CloseHandle (fh);
return 0;
}
@@ -1391,7 +1360,6 @@ get_nt_object_security (HANDLE handle, SE_OBJECT_TYPE object_type,
}
if (ret != STATUS_SUCCESS)
{
- sd_ret.free ();
__seterrno_from_win_error (RtlNtStatusToDosError (ret));
return -1;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-30 04:33:00 +0000