From 9808b5c42058aa7a0f788275df4cd73d42f25c94 Mon Sep 17 00:00:00 2001
From: Pierre Humblet <phumblet@phumblet.no-ip.org>
Date: Thu, 16 Oct 2003 23:20:41 +0000
Subject: 2003-10-16  Pierre Humblet  <pierre.humblet@ieee.org>

	* syscalls.cc (seteuid32): Always construct a default DACL including
	the new sid, Admins and SYSTEM and copy it to the new thread token.
	* security.cc (create_token): Use a NULL default DACL in NtCreateToken.
---
 winsup/cygwin/security.cc | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

(limited to 'winsup/cygwin/security.cc')

diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index 9b8c6da0a..745fa0c5d 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -815,8 +815,7 @@ create_token (cygsid &usersid, user_groups &new_groups, struct passwd *pw)
   PTOKEN_PRIVILEGES privs = NULL;
   TOKEN_OWNER owner;
   TOKEN_PRIMARY_GROUP pgrp;
-  char acl_buf[MAX_DACL_LEN (5)];
-  TOKEN_DEFAULT_DACL dacl;
+  TOKEN_DEFAULT_DACL dacl = {};
   TOKEN_SOURCE source;
   TOKEN_STATISTICS stats;
   memcpy (source.SourceName, "Cygwin.1", 8);
@@ -905,13 +904,6 @@ create_token (cygsid &usersid, user_groups &new_groups, struct passwd *pw)
   if (!(privs = get_priv_list (lsa, usersid, tmp_gsids)))
     goto out;
 
-  /* Create default dacl. */
-  if (!sec_acl ((PACL) acl_buf, false, false,
-		tmp_gsids.contains (well_known_admins_sid) ?
-		well_known_admins_sid : usersid))
-    goto out;
-  dacl.DefaultDacl = (PACL) acl_buf;
-
   /* Let's be heroic... */
   ret = NtCreateToken (&token, TOKEN_ALL_ACCESS, &oa, TokenImpersonation,
 		       &auth_luid, &exp, &user, new_tok_gsids, privs, &owner,
-- 
cgit v1.2.3