From c61ada9bd3d29734cce244a5cd39ec2cc5882454 Mon Sep 17 00:00:00 2001
From: Pierre Humblet <phumblet@phumblet.no-ip.org>
Date: Tue, 16 Sep 2003 00:45:50 +0000
Subject: 2003-09-15  Pierre Humblet <pierre.humblet@ieee.org>

	* security.h (__sec_user): Add "access2" argument.
	(sec_acl): Add "original" and "access2" arguments.
	(sec_user): Add "sid2" and "access2" argument. Remove dependence on
	allow_ntsec.
	(sec_user_nih): Ditto.
	* sec_helper.cc (__sec_user): Add "has_security" test.
	Call sec_acl with new arguments, letting it handle original_sid.
	(sec_acl): Add "original" and "access2" arguments. Handle original_sid
	depending on flag but avoiding duplicates. Use "access2" for sid2.
	* pinfo.cc (pinfo::init): Use security attributes created by sec_user
	when creating the mapping.
	* security.cc (create_token): Adjust arguments in call to sec_acl.
	Call sec_user instead of __sec_user.
	* syscall.cc (seteuid32):  Adjust arguments in call to sec_acl. Remove
	now unnecessary test. Remove useless conversions to psid.
	* dcrt0.cc (dll_crt0_1): Call cygsid::init before pinfo_init.
---
 winsup/cygwin/security.h | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

(limited to 'winsup/cygwin/security.h')

diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h
index 0112341a3..b39962aa2 100644
--- a/winsup/cygwin/security.h
+++ b/winsup/cygwin/security.h
@@ -256,9 +256,11 @@ SECURITY_DESCRIPTOR *__stdcall get_null_sd (void);
 
 /* Various types of security attributes for use in Create* functions. */
 extern SECURITY_ATTRIBUTES sec_none, sec_none_nih, sec_all, sec_all_nih;
-extern SECURITY_ATTRIBUTES *__stdcall __sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
+extern SECURITY_ATTRIBUTES *__stdcall __sec_user (PVOID sa_buf, PSID sid1, PSID sid2, 
+						  DWORD access2, BOOL inherit)
   __attribute__ ((regparm (3)));
-extern BOOL sec_acl (PACL acl, BOOL admins, PSID sid1 = NO_SID, PSID sid2 = NO_SID);
+extern BOOL sec_acl (PACL acl, bool original, bool admins, PSID sid1 = NO_SID, 
+		     PSID sid2 = NO_SID, DWORD access2 = 0);
 
 int __stdcall NTReadEA (const char *file, const char *attrname, char *buf, int len);
 BOOL __stdcall NTWriteEA (const char *file, const char *attrname, const char *buf, int len);
@@ -266,14 +268,14 @@ PSECURITY_DESCRIPTOR alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
 	  PSECURITY_DESCRIPTOR sd_ret, DWORD *sd_size_ret);
 
 extern inline SECURITY_ATTRIBUTES *
-sec_user_nih (char sa_buf[], PSID sid = NULL)
+sec_user_nih (char sa_buf[], PSID sid1 = NULL, PSID sid2 = NULL, DWORD access2 = 0)
 {
-  return allow_ntsec ? __sec_user (sa_buf, sid, FALSE) : &sec_none_nih;
+  return __sec_user (sa_buf, sid1, sid2, access2, FALSE);
 }
 
 extern inline SECURITY_ATTRIBUTES *
-sec_user (char sa_buf[], PSID sid = NULL)
+sec_user (char sa_buf[], PSID sid1 = NULL, PSID sid2 = NULL, DWORD access2 = 0)
 {
-  return allow_ntsec ? __sec_user (sa_buf, sid, TRUE) : &sec_none;
+  return __sec_user (sa_buf, sid1, sid2, access2, TRUE);
 }
 #endif /*_SECURITY_H*/
-- 
cgit v1.2.3