diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2003-11-26 13:23:27 +0000 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2003-11-26 13:23:27 +0000 |
| commit | 12069cf31bcd401720e1a86b353ac6237b5e29a3 (patch) | |
| tree | 1c2de4e70fcc84c84af015ab3fb4349722301d5d /winsup/cygwin/security.h | |
| parent | 3db690789f317dc0798bf3dd883a24ebfbb57354 (diff) | |
| download | cygnal-12069cf31bcd401720e1a86b353ac6237b5e29a3.tar.gz cygnal-12069cf31bcd401720e1a86b353ac6237b5e29a3.tar.bz2 cygnal-12069cf31bcd401720e1a86b353ac6237b5e29a3.zip | |
* dir.cc (mkdir): Use local security_descriptor. Call
set_security_attribute appropriately.
* external.cc (cygwin_internal): Ditto.
* fhandler.cc (fhandler_base::open): Ditto.
* fhandler_socket.cc (fhandler_socket::bind): Ditto.
* path.cc (symlink_worker): Ditto.
* sec_acl.cc (setacl): Ditto. Call read_sd appropriately.
(getace): Ditto.
* sec_helper.cc (security_descriptor::malloc): New method.
(security_descriptor::realloc): New method.
(security_descriptor::free): New method.
* security.cc (read_sd): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
Allocate the security_descriptor buffer according to size returned by
a call to GetFileSecurity. Return buffer size on success.
(write_sd): Get security_descriptor as parameter instead of
PSECURITY_DESCRIPTOR and a size.
(get_nt_attribute): Use local security_descriptor.
(get_nt_object_attribute): Ditto in case of type == SE_REGISTRY_KEY.
Allocate security_descriptor buffer according to size returned by
a call to RegGetKeySecurity.
(alloc_sd): Make static. Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
(set_security_attribute): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size.
(set_nt_attribute): Use local security_descriptor.
(check_file_access): Ditto.
* security.h: Add class security_descriptor.
(read_sd): Change declaration to get security_descriptor as parameter
instead of PSECURITY_DESCRIPTOR and a size.
(write_sd): Ditto.
(set_security_attribute): Ditto.
(alloc_sd): Remove declaration.
* thread.cc (semaphore::semaphore): Use local security_descriptor. Call
set_security_attribute appropriately.
Diffstat (limited to 'winsup/cygwin/security.h')
| -rw-r--r-- | winsup/cygwin/security.h | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index f50599adf..5da8e3d89 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -167,6 +167,24 @@ public: } }; +/* Wrapper class to allow simple deleting of buffer space allocated + by read_sd() */ +class security_descriptor { +protected: + PSECURITY_DESCRIPTOR psd; + DWORD sd_size; +public: + security_descriptor () : psd (NULL), sd_size (0) {} + ~security_descriptor () { free (); } + + PSECURITY_DESCRIPTOR malloc (size_t nsize); + PSECURITY_DESCRIPTOR realloc (size_t nsize); + void free (void); + + inline DWORD size (void) const { return sd_size; } + inline operator const PSECURITY_DESCRIPTOR () { return psd; } +}; + class user_groups { public: cygsid pgsid; @@ -228,14 +246,14 @@ int __stdcall set_file_attribute (int, const char *, int); int __stdcall set_file_attribute (int, const char *, __uid32_t, __gid32_t, int); int __stdcall get_object_attribute (HANDLE handle, SE_OBJECT_TYPE object_type, mode_t *, __uid32_t * = NULL, __gid32_t * = NULL); -LONG __stdcall read_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, LPDWORD sd_size); -LONG __stdcall write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size); +LONG __stdcall read_sd (const char *file, security_descriptor &sd); +LONG __stdcall write_sd (const char *file, security_descriptor &sd); BOOL __stdcall add_access_allowed_ace (PACL acl, int offset, DWORD attributes, PSID sid, size_t &len_add, DWORD inherit); BOOL __stdcall add_access_denied_ace (PACL acl, int offset, DWORD attributes, PSID sid, size_t &len_add, DWORD inherit); int __stdcall check_file_access (const char *, int); void set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa, - void *sd_buf, DWORD sd_buf_size); + security_descriptor &sd_buf); bool get_sids_info (cygpsid, cygpsid, __uid32_t * , __gid32_t *); @@ -268,8 +286,6 @@ extern BOOL sec_acl (PACL acl, bool original, bool admins, PSID sid1 = NO_SID, int __stdcall NTReadEA (const char *file, const char *attrname, char *buf, int len); BOOL __stdcall NTWriteEA (const char *file, const char *attrname, const char *buf, int len); -PSECURITY_DESCRIPTOR alloc_sd (__uid32_t uid, __gid32_t gid, int attribute, - PSECURITY_DESCRIPTOR sd_ret, DWORD *sd_size_ret); extern inline SECURITY_ATTRIBUTES * sec_user_nih (char sa_buf[], PSID sid1 = NULL, PSID sid2 = NULL, DWORD access2 = 0) |