From ebbdc7034b5251f379ff7959adb5bd65f592ebd2 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Thu, 16 May 2002 09:30:48 +0000
Subject: 	* syscalls.cc (seteuid): Set default dacl in process token. 
 Replace in-line code by call to verify_token(). 	(setegid): Reverse
 change from 2002-01-21. Add call to 	RevertToSelf and set primary group in
 impersonation token. 	* security.cc (create_token): Store pgrpsid in token
 security 	descriptor, except if it already appears in my_grps. 	Use
 sec_acl() in place of get_dacl(). 	(verify_token): Create from code in
 seteuid(), with tighter checks. 	(get_dacl) Deleted. 
 (get_group_sidlist): Add argument to indicate if pgrpsid is already 	in the
 groups. 	* security.h: Define verify_token(). 	* autoload.cc: Load
 GetKernelObjectSecurity().

---
 winsup/cygwin/security.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'winsup/cygwin/security.h')

diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h
index 8b95ad0e0..81cbd51e2 100644
--- a/winsup/cygwin/security.h
+++ b/winsup/cygwin/security.h
@@ -181,6 +181,8 @@ void set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa,
 HANDLE subauth (struct passwd *pw);
 /* Try creating a token directly. */
 HANDLE create_token (cygsid &usersid, cygsid &pgrpsid);
+/* Verify an existing token */
+BOOL verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern = NULL);
 
 /* Extract U-domain\user field from passwd entry. */
 void extract_nt_dom_user (const struct passwd *pw, char *domain, char *user);
-- 
cgit v1.2.3