* security.h: Introduce names UNKNOWN_UID and UNKNOWN_GID and delete
declaration of is_grp_member. * uinfo.cc (internal_getlogin): Use UNKNOWN_GID. * passwd.cc (pwdgrp::read_passwd): Use UNKNOWN_UID. * grp.cc (pwdgrp::read_group): Change group name to provide better feedback. (getgrgid): Use gid16togid32. * sec_helper.cc (is_grp_member): Delete.
This commit is contained in:
Corinna Vinschen
parent
f865f0c479
commit
565e80155b
|
|
@ -1,3 +1,14 @@
|
|||
2003-02-06 Pierre Humblet <pierre.humblet@ieee.org>
|
||||
|
||||
* security.h: Introduce names UNKNOWN_UID and UNKNOWN_GID and delete
|
||||
declaration of is_grp_member.
|
||||
* uinfo.cc (internal_getlogin): Use UNKNOWN_GID.
|
||||
* passwd.cc (pwdgrp::read_passwd): Use UNKNOWN_UID.
|
||||
* grp.cc (pwdgrp::read_group): Change group name to provide better
|
||||
feedback.
|
||||
(getgrgid): Use gid16togid32.
|
||||
* sec_helper.cc (is_grp_member): Delete.
|
||||
|
||||
2003-02-05 Christopher Faylor <cgf@redhat.com>
|
||||
|
||||
* path.cc: Change 'to_posix_p' to 'to_posix' throughout.
|
||||
|
|
|
|||
|
|
@ -95,6 +95,8 @@ pwdgrp::read_group ()
|
|||
if ((gr = internal_getgrsid (cygheap->user.groups.pgsid)))
|
||||
strlcpy (group_name, gr->gr_name, sizeof (group_name));
|
||||
}
|
||||
if (myself->uid == UNKNOWN_UID)
|
||||
strcpy (group_name, "mkpasswd"); /* Feedback... */
|
||||
snprintf (linebuf, sizeof (linebuf), "%s:%s:%lu:%s",
|
||||
group_name, strbuf, myself->gid, cygheap->user.name ());
|
||||
debug_printf ("Completing /etc/group: %s", linebuf);
|
||||
|
|
@ -171,7 +173,7 @@ getgrgid (__gid16_t gid)
|
|||
{
|
||||
static struct __group16 g16; /* FIXME: thread-safe? */
|
||||
|
||||
return grp32togrp16 (&g16, getgrgid32 ((__gid32_t) gid));
|
||||
return grp32togrp16 (&g16, getgrgid32 (gid16togid32 (gid)));
|
||||
}
|
||||
|
||||
extern "C" struct __group32 *
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ pwdgrp::read_passwd ()
|
|||
(void) cygheap->user.ontherange (CH_HOME, NULL);
|
||||
snprintf (linebuf, sizeof (linebuf), "%s:*:%lu:%lu:,%s:%s:/bin/sh",
|
||||
cygheap->user.name (),
|
||||
myself->uid == ILLEGAL_UID ? DEFAULT_UID_NT : myself->uid,
|
||||
myself->uid == ILLEGAL_UID ? UNKNOWN_UID : myself->uid,
|
||||
myself->gid,
|
||||
strbuf, getenv ("HOME") ?: "");
|
||||
debug_printf ("Completing /etc/passwd: %s", linebuf);
|
||||
|
|
|
|||
|
|
@ -223,47 +223,6 @@ get_sids_info (cygpsid owner_sid, cygpsid group_sid, __uid32_t * uidret, __gid32
|
|||
return ret;
|
||||
}
|
||||
|
||||
BOOL
|
||||
is_grp_member (__uid32_t uid, __gid32_t gid)
|
||||
{
|
||||
struct passwd *pw;
|
||||
struct __group32 *gr;
|
||||
int idx;
|
||||
|
||||
/* Evaluate current user info by examining the info given in cygheap and
|
||||
the current access token if ntsec is on. */
|
||||
if (uid == myself->uid)
|
||||
{
|
||||
/* If gid == primary group of current user, return immediately. */
|
||||
if (gid == myself->gid)
|
||||
return TRUE;
|
||||
/* Calling getgroups only makes sense when reading the access token. */
|
||||
if (allow_ntsec)
|
||||
{
|
||||
__gid32_t grps[NGROUPS_MAX];
|
||||
int cnt = internal_getgroups (NGROUPS_MAX, grps);
|
||||
for (idx = 0; idx < cnt; ++idx)
|
||||
if (grps[idx] == gid)
|
||||
return TRUE;
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
/* Otherwise try getting info from examining passwd and group files. */
|
||||
if ((pw = internal_getpwuid (uid)))
|
||||
{
|
||||
/* If gid == primary group of uid, return immediately. */
|
||||
if ((__gid32_t) pw->pw_gid == gid)
|
||||
return TRUE;
|
||||
/* Otherwise search for supplementary user list of this group. */
|
||||
if ((gr = internal_getgrgid (gid)))
|
||||
for (idx = 0; gr->gr_mem[idx]; ++idx)
|
||||
if (strcasematch (cygheap->user.name (), gr->gr_mem[idx]))
|
||||
return TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
#if 0 // unused
|
||||
#define SIDLEN (sidlen = MAX_SID_LEN, &sidlen)
|
||||
#define DOMLEN (domlen = INTERNET_MAX_HOST_NAME_LENGTH, &domlen)
|
||||
|
|
|
|||
|
|
@ -11,8 +11,8 @@ details. */
|
|||
#include <accctrl.h>
|
||||
|
||||
#define DEFAULT_UID DOMAIN_USER_RID_ADMIN
|
||||
#define DEFAULT_UID_NT 400 /* Non conflicting number */
|
||||
#define DEFAULT_GID 401
|
||||
#define UNKNOWN_UID 400 /* Non conflicting number */
|
||||
#define UNKNOWN_GID 401
|
||||
|
||||
#define MAX_SID_LEN 40
|
||||
#define MAX_DACL_LEN(n) (sizeof (ACL) \
|
||||
|
|
@ -244,7 +244,6 @@ void extract_nt_dom_user (const struct passwd *pw, char *domain, char *user);
|
|||
BOOL get_logon_server (const char * domain, char * server, WCHAR *wserver = NULL);
|
||||
|
||||
/* sec_helper.cc: Security helper functions. */
|
||||
BOOL __stdcall is_grp_member (__uid32_t uid, __gid32_t gid);
|
||||
int set_process_privilege (const char *privilege, bool enable = true, bool use_thread = false);
|
||||
|
||||
/* shared.cc: */
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ internal_getlogin (cygheap_user &user)
|
|||
struct passwd *pw = NULL;
|
||||
HANDLE ptok = INVALID_HANDLE_VALUE;
|
||||
|
||||
myself->gid = DEFAULT_GID;
|
||||
myself->gid = UNKNOWN_GID;
|
||||
if (wincap.has_security ())
|
||||
{
|
||||
DWORD siz;
|
||||
|
|
|
|||
Loading…
Reference in New Issue