* security.cc (set_process_privileges): Swap out.

* sec_helper.cc (set_process_privilege): Rename from `set_process_privileges'. Takes the privilege to enable or disable as parameter now. * security.h: Add prototype for `set_process_privileges'.
2025-01-30 19:10:36 +08:00 · 2001-04-20 20:36:13 +00:00 · 2001-04-20 20:36:13 +00:00 · 3c8e92d9fc
commit 3c8e92d9fc
parent b9815dc3dc
4 changed files with 50 additions and 41 deletions
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@ -1,3 +1,11 @@
 Fri Apr 20 22:25:00 2001  Corinna Vinschen <corinna@vinschen.de>
 	* security.cc (set_process_privileges): Swap out.
 	* sec_helper.cc (set_process_privilege): Rename from
 	`set_process_privileges'. Takes the privilege to enable or disable
 	as parameter now.
 	* security.h: Add prototype for `set_process_privileges'.
 2001-04-19  Egor Duda  <deo@logos-m.ru>
 	* path.cc (path_conv::check): Always initialize member variables.
--- a/winsup/cygwin/sec_helper.cc
+++ b/winsup/cygwin/sec_helper.cc
@ -397,3 +397,43 @@ got_it:
  return TRUE;
 }
 int
 set_process_privilege (const char *privilege, BOOL enable)
 {
  HANDLE hToken = NULL;
  LUID restore_priv;
  TOKEN_PRIVILEGES new_priv;
  int ret = -1;
  if (!OpenProcessToken (hMainProc, TOKEN_ADJUST_PRIVILEGES, &hToken))
    {
      __seterrno ();
      goto out;
    }
  if (!LookupPrivilegeValue (NULL, privilege, &restore_priv))
    {
      __seterrno ();
      goto out;
    }
  new_priv.PrivilegeCount = 1;
  new_priv.Privileges[0].Luid = restore_priv;
  new_priv.Privileges[0].Attributes = enable ? SE_PRIVILEGE_ENABLED : 0;
  if (!AdjustTokenPrivileges (hToken, FALSE, &new_priv, 0, NULL, NULL))
    {
      __seterrno ();
      goto out;
    }
  ret = 0;
 out:
  if (hToken)
    CloseHandle (hToken);
  syscall_printf ("%d = set_process_privilege (%s, %d)",ret, privilege, enable);
  return ret;
 }
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@ -182,7 +182,7 @@ write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size)
  static BOOL first_time = TRUE;
  if (first_time)
    {
-      set_process_privileges ();
+      set_process_privilege (SE_RESTORE_NAME);
      first_time = FALSE;
    }
@ -245,46 +245,6 @@ write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size)
  return 0;
 }
 int
 set_process_privileges ()
 {
  HANDLE hToken = NULL;
  LUID restore_priv;
  TOKEN_PRIVILEGES new_priv;
  int ret = -1;
  if (!OpenProcessToken (hMainProc, TOKEN_ADJUST_PRIVILEGES, &hToken))
    {
      __seterrno ();
      goto out;
    }
  if (!LookupPrivilegeValue (NULL, SE_RESTORE_NAME, &restore_priv))
    {
      __seterrno ();
      goto out;
    }
  new_priv.PrivilegeCount = 1;
  new_priv.Privileges[0].Luid = restore_priv;
  new_priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
  if (!AdjustTokenPrivileges (hToken, FALSE, &new_priv, 0, NULL, NULL))
    {
      __seterrno ();
      goto out;
    }
  ret = 0;
 out:
  if (hToken)
    CloseHandle (hToken);
  syscall_printf ("%d = set_process_privileges ()", ret);
  return ret;
 }
 static int
 get_nt_attribute (const char *file, int *attribute,
 		  uid_t *uidret, gid_t *gidret)
--- a/winsup/cygwin/security.h
+++ b/winsup/cygwin/security.h
@ -45,6 +45,7 @@ BOOL __stdcall is_grp_member (uid_t uid, gid_t gid);
 * logsrv may be NULL, in this case only the local system is used for lookup.
 * The buffer for ret_sid (40 Bytes) has to be allocated by the caller! */
 BOOL __stdcall lookup_name (const char *, const char *, PSID);
 int set_process_privilege (const char *privilege, BOOL enable = TRUE);
 extern inline int get_uid_from_sid (PSID psid) { return get_id_from_sid (psid, FALSE);}
 extern inline int get_gid_from_sid (PSID psid) { return get_id_from_sid (psid, TRUE); }