diff options
| -rw-r--r-- | winsup/cygwin/ChangeLog | 9 | ||||
| -rw-r--r-- | winsup/cygwin/autoload.cc | 1 | ||||
| -rw-r--r-- | winsup/cygwin/pinfo.cc | 5 | ||||
| -rw-r--r-- | winsup/cygwin/spawn.cc | 8 | ||||
| -rw-r--r-- | winsup/cygwin/uinfo.cc | 8 |
5 files changed, 24 insertions, 7 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 2a879fb54..7f824b4b2 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,5 +1,14 @@ 2007-07-19 Corinna Vinschen <corinna@vinschen.de> + * autoload.cc (SetUserObjectSecurity): Drop. + * pinfo.cc (pinfo::set_acl): Use NtSetSecurityObject instead of + SetKernelObjectSecurity. + * spawn.cc (spawn_guts): Use NtSetSecurityObject instead of + SetUserObjectSecurity. + * uinfo.cc (cygheap_user::init): Ditto. + +2007-07-19 Corinna Vinschen <corinna@vinschen.de> + * cygheap.h (init_cygheap::luid): Remove. * mmap.cc (mlock): Accommodate parameter change in call to push_thread_privilege. diff --git a/winsup/cygwin/autoload.cc b/winsup/cygwin/autoload.cc index 82ecf46c2..0f076f66f 100644 --- a/winsup/cygwin/autoload.cc +++ b/winsup/cygwin/autoload.cc @@ -357,7 +357,6 @@ LoadDLLfunc (SendMessageA, 16, user32) LoadDLLfunc (SetClipboardData, 8, user32) LoadDLLfunc (SetProcessWindowStation, 4, user32) LoadDLLfunc (SetTimer, 16, user32) -LoadDLLfunc (SetUserObjectSecurity, 12, user32) LoadDLLfunc (accept, 12, ws2_32) LoadDLLfunc (bind, 12, ws2_32) diff --git a/winsup/cygwin/pinfo.cc b/winsup/cygwin/pinfo.cc index 6e6a85c1d..8c4702dfd 100644 --- a/winsup/cygwin/pinfo.cc +++ b/winsup/cygwin/pinfo.cc @@ -291,6 +291,7 @@ pinfo::set_acl() { PACL acl_buf = (PACL) alloca (1024); SECURITY_DESCRIPTOR sd; + NTSTATUS status; sec_acl (acl_buf, true, true, cygheap->user.sid (), well_known_world_sid, FILE_MAP_READ); @@ -298,8 +299,8 @@ pinfo::set_acl() debug_printf ("InitializeSecurityDescriptor %E"); else if (!SetSecurityDescriptorDacl (&sd, TRUE, acl_buf, FALSE)) debug_printf ("SetSecurityDescriptorDacl %E"); - else if (!SetKernelObjectSecurity (h, DACL_SECURITY_INFORMATION, &sd)) - debug_printf ("SetKernelObjectSecurity %E"); + else if ((status = NtSetSecurityObject (h, DACL_SECURITY_INFORMATION, &sd))) + debug_printf ("NtSetSecurityObject %lx", status); } const char * diff --git a/winsup/cygwin/spawn.cc b/winsup/cygwin/spawn.cc index 69a904314..604376880 100644 --- a/winsup/cygwin/spawn.cc +++ b/winsup/cygwin/spawn.cc @@ -34,6 +34,7 @@ details. */ #include "environ.h" #include "cygtls.h" #include "winf.h" +#include "ntdll.h" static suffix_info exe_suffixes[] = { @@ -514,15 +515,18 @@ loop: /* allow the child to interact with our window station/desktop */ HANDLE hwst, hdsk; SECURITY_INFORMATION dsi = DACL_SECURITY_INFORMATION; + NTSTATUS status; DWORD n; char wstname[1024]; char dskname[1024]; hwst = GetProcessWindowStation (); - SetUserObjectSecurity (hwst, &dsi, get_null_sd ()); + if ((status = NtSetSecurityObject (hwst, dsi, get_null_sd ()))) + system_printf ("NtSetSecurityObject, %lx", status); GetUserObjectInformation (hwst, UOI_NAME, wstname, 1024, &n); hdsk = GetThreadDesktop (GetCurrentThreadId ()); - SetUserObjectSecurity (hdsk, &dsi, get_null_sd ()); + if ((status = NtSetSecurityObject (hdsk, dsi, get_null_sd ()))) + system_printf ("NtSetSecurityObject, %lx", status); GetUserObjectInformation (hdsk, UOI_NAME, dskname, 1024, &n); strcat (wstname, "\\"); strcat (wstname, dskname); diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index c582b629e..a6d8c41b3 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -30,6 +30,7 @@ details. */ #include "child_info.h" #include "environ.h" #include "pwdgrp.h" +#include "ntdll.h" /* Initialize the part of cygheap_user that does not depend on files. The information is used in shared.cc for the user shared. @@ -72,12 +73,15 @@ cygheap_user::init () if (GetSecurityDescriptorDacl (psd, &acl_exists, &dacl.DefaultDacl, &dummy) && acl_exists && dacl.DefaultDacl) { + NTSTATUS status; + /* Set the default DACL and the process DACL */ if (!SetTokenInformation (hProcToken, TokenDefaultDacl, &dacl, sizeof (dacl))) system_printf ("SetTokenInformation (TokenDefaultDacl), %E"); - if (!SetKernelObjectSecurity (hMainProc, DACL_SECURITY_INFORMATION, psd)) - system_printf ("SetKernelObjectSecurity, %E"); + if ((status = NtSetSecurityObject (hMainProc, DACL_SECURITY_INFORMATION, + psd))) + system_printf ("NtSetSecurityObject, %lx", status); } else system_printf("Cannot get dacl, %E"); |