From e859706578ba60d3fcc011dd0e5d77b10342ae3f Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Fri, 16 Apr 2004 21:22:13 +0000 Subject: * autoload.cc (NtCreateFile): Add. * dir.cc (mkdir): Change set_file_attribute call to indicate that NT security isn't used. * fhandler.cc (fhandler_base::open_9x): New method, created from fhandler_base::open. (fhandler_base::open): Rearrange to use NtCreateFile instead of CreateFile. * fhandler.h (enum query_state): Redefine query_null_access to query_stat_control. query_null_access isn't allowed in NtCreateFile. (fhandler_base::open_9x): Declare. * fhandler_disk_file.cc (fhandler_base::fstat_fs): Use query_stat_control first, query_read_control if that fails. (fhandler_disk_file::fchmod): Call enable_restore_privilege before trying to open for query_write_control. Don't fall back to opening for query_read_control. (fhandler_disk_file::fchown): Ditto. (fhandler_disk_file::facl): Only request restore privilege and query access necessary for given cmd. * fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open instead of opening device here. * ntdll.h (NtCreateFile): Declare. * path.cc (symlink_worker): Change set_file_attribute call to indicate that NT security isn't used. * sec_acl.cc (getacl): Fix bracketing. * sec_helper.cc (enable_restore_privilege): New function. * security.cc (str2buf2uni_cat): New function. (write_sd): Don't request restore permission here. * security.h (set_process_privileges): Drop stale declaration. (str2buf2uni): Declare. (str2buf2uni_cat): Declare. (enable_restore_privilege): Declare. * syscalls.cc (fchown32): Return immediate success on 9x. --- winsup/cygwin/security.cc | 41 +++++++++++------------------------------ 1 file changed, 11 insertions(+), 30 deletions(-) (limited to 'winsup/cygwin/security.cc') diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 239505128..29dd0a056 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -165,6 +165,16 @@ str2buf2uni (UNICODE_STRING &tgt, WCHAR *buf, const char *srcstr) sys_mbstowcs (buf, srcstr, tgt.MaximumLength); } +void +str2buf2uni_cat (UNICODE_STRING &tgt, const char *srcstr) +{ + DWORD len = strlen (srcstr) * sizeof (WCHAR); + sys_mbstowcs (tgt.Buffer + tgt.Length / sizeof (WCHAR), srcstr, + len + tgt.MaximumLength); + tgt.Length += len; + tgt.MaximumLength += len; +} + #if 0 /* unused */ static void lsa2wchar (WCHAR *tgt, LSA_UNICODE_STRING &src, int size) @@ -1119,38 +1129,9 @@ read_sd (const char *file, security_descriptor &sd) LONG write_sd (HANDLE fh, const char *file, security_descriptor &sd) { - /* Try turning privilege on, may not have WRITE_OWNER or WRITE_DAC access. - Must have privilege to set different owner, else BackupWrite misbehaves */ - static int NO_COPY saved_res; /* 0: never, 1: failed, 2 & 3: OK */ - int res; - if (!saved_res || cygheap->user.issetuid ()) - { - res = 2 + set_process_privilege (SE_RESTORE_NAME, true, - cygheap->user.issetuid ()); - if (!cygheap->user.issetuid ()) - saved_res = res; - } - else - res = saved_res; - if (res == 1) - { - BOOL dummy; - cygpsid owner; - - if (!GetSecurityDescriptorOwner (sd, (PSID *) &owner, &dummy)) - { - __seterrno (); - return -1; - } - if (owner != cygheap->user.sid ()) - { - set_errno (EPERM); - return -1; - } - } NTSTATUS ret = STATUS_SUCCESS; int retry = 0; - res = -1; + int res = -1; for (; retry < 2; ++retry) { if (retry && (fh = CreateFile (file, WRITE_OWNER | WRITE_DAC, -- cgit v1.2.3