* security.h: Add third argument to set_process_privilege.

* autoload.cc: Add OpenThreadToken.
	* sec_helper.cc (set_process_privilege): Add and use use_thread
	argument.
	* security.cc (alloc_sd): Modify call to set_process_privilege.
	Remember the result in each process. If failed and file owner is not
	the user, fail.

winsup/cygwin/ChangeLog

@@ -1,3 +1,13 @@
+2003-02-03  Pierre Humblet  <pierre.humblet@ieee.org>
+
+	* security.h: Add third argument to set_process_privilege.
+	* autoload.cc: Add OpenThreadToken.
+	* sec_helper.cc (set_process_privilege): Add and use use_thread
+	argument.
+	* security.cc (alloc_sd): Modify call to set_process_privilege.
+	Remember the result in each process. If failed and file owner is not
+	the user, fail.
+
 2003-02-03  Corinna Vinschen  <corinna@vinschen.de>
 
 	* fhandler_socket.cc (fhandler_socket::recvfrom): Return buffer

winsup/cygwin/autoload.cc

@@ -352,6 +352,7 @@ LoadDLLfunc (LsaOpenPolicy, 16, advapi32)
 LoadDLLfunc (LsaQueryInformationPolicy, 12, advapi32)
 LoadDLLfunc (MakeSelfRelativeSD, 12, advapi32)
 LoadDLLfunc (OpenProcessToken, 12, advapi32)
+LoadDLLfunc (OpenThreadToken, 16, advapi32)
 LoadDLLfunc (RegCloseKey, 4, advapi32)
 LoadDLLfunc (RegCreateKeyExA, 36, advapi32)
 LoadDLLfunc (RegDeleteKeyA, 8, advapi32)

winsup/cygwin/sec_helper.cc

@@ -294,7 +294,7 @@ got_it:
 #endif //unused
 
 int
-set_process_privilege (const char *privilege, BOOL enable)
+set_process_privilege (const char *privilege, bool enable, bool use_thread)
 {
   HANDLE hToken = NULL;
   LUID restore_priv;
@@ -302,8 +302,12 @@ set_process_privilege (const char *privilege, BOOL enable)
   int ret = -1;
   DWORD size;
 
-  if (!OpenProcessToken (hMainProc, TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,
-			 &hToken))
+  if ((use_thread
+       && !OpenThreadToken (GetCurrentThread (), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,
+			    0, &hToken))
+      ||(!use_thread
+	 && !OpenProcessToken (hMainProc, TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,
+			     &hToken)))
     {
       __seterrno ();
       goto out;
@@ -329,7 +333,6 @@ set_process_privilege (const char *privilege, BOOL enable)
      be enabled. GetLastError () returns an correct error code, though. */
   if (enable && GetLastError () == ERROR_NOT_ALL_ASSIGNED)
     {
-      debug_printf ("Privilege %s couldn't be assigned", privilege);
       __seterrno ();
       goto out;
     }

winsup/cygwin/security.cc

@@ -1563,9 +1563,20 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
     }
   owner_sid.debug_print ("alloc_sd: owner SID =");
 
-  /* Must have SE_RESTORE_NAME privilege to change owner */
-  if (cur_owner_sid && owner_sid != cur_owner_sid
-      && set_process_privilege (SE_RESTORE_NAME) < 0 )
+  /* Try turning privilege on, may not have WRITE_OWNER or WRITE_DAC access.
+     Must have privilege to set different owner, else BackupWrite misbehaves */
+  static int NO_COPY saved_res; /* 0: never, 1: failed, 2 & 3: OK */
+  int res;
+  if (!saved_res || cygheap->user.issetuid ())
+    {
+      res = 2 + set_process_privilege (SE_RESTORE_NAME, true,
+				       cygheap->user.issetuid ());
+      if (!cygheap->user.issetuid ())
+	saved_res = res;
+    }
+  else
+    res = saved_res;
+  if (res == 1 && owner_sid != cygheap->user.sid ())
     return NULL;
 
   /* Get SID of new group. */

winsup/cygwin/security.h

@@ -236,7 +236,7 @@ BOOL get_logon_server (const char * domain, char * server, WCHAR *wserver = NULL
 
 /* sec_helper.cc: Security helper functions. */
 BOOL __stdcall is_grp_member (__uid32_t uid, __gid32_t gid);
-int set_process_privilege (const char *privilege, BOOL enable = TRUE);
+int set_process_privilege (const char *privilege, bool enable = true, bool use_thread = false);
 
 /* shared.cc: */
 /* Retrieve a security descriptor that allows all access */