Partially revert change from 2005-04-03, always running under an
impersonation token, which collides with Vista UAC. * cygheap.h (deimpersonate): revert to self instead of impersonating hProcImpToken. (reimpersonate): Only impersonate if setuid. * dcrt0.cc (dll_crt0_0): Don't initialize hProcImpToken here. (dll_crt0_1): Set privileges on hProcToken. * fork.cc (frok::child): Set privileges on hProcToken. Close handle to hProcImpToken. * grp.cc (internal_getgroups): Use hProcToken instead of hProcImpToken. * security.cc (check_access): Create hProcImpToken on demand here. * security.h (set_process_privilege): Set privileges on hProcToken. (_push_thread_privilege): Use hProcToken instead of hProcImpToken. (pop_thread_privilege): If not setuid'ed, revert to self. * syscalls.cc (setegid32): Drop setting primary group on hProcImpToken. Close handle to hProcImpToken. * uinfo.cc (internal_getlogin): Ditto. * winsup.h (clear_procimptoken): New inline function.
This commit is contained in:
Corinna Vinschen
parent
815122d842
commit
5684cfebba
|
|
@ -1,3 +1,24 @@
|
|||
2006-12-12 Corinna Vinschen <corinna@vinschen.de>
|
||||
|
||||
Partially revert change from 2005-04-03, always running under an
|
||||
impersonation token, which collides with Vista UAC.
|
||||
* cygheap.h (deimpersonate): revert to self instead of impersonating
|
||||
hProcImpToken.
|
||||
(reimpersonate): Only impersonate if setuid.
|
||||
* dcrt0.cc (dll_crt0_0): Don't initialize hProcImpToken here.
|
||||
(dll_crt0_1): Set privileges on hProcToken.
|
||||
* fork.cc (frok::child): Set privileges on hProcToken. Close handle to
|
||||
hProcImpToken.
|
||||
* grp.cc (internal_getgroups): Use hProcToken instead of hProcImpToken.
|
||||
* security.cc (check_access): Create hProcImpToken on demand here.
|
||||
* security.h (set_process_privilege): Set privileges on hProcToken.
|
||||
(_push_thread_privilege): Use hProcToken instead of hProcImpToken.
|
||||
(pop_thread_privilege): If not setuid'ed, revert to self.
|
||||
* syscalls.cc (setegid32): Drop setting primary group on hProcImpToken.
|
||||
Close handle to hProcImpToken.
|
||||
* uinfo.cc (internal_getlogin): Ditto.
|
||||
* winsup.h (clear_procimptoken): New inline function.
|
||||
|
||||
2006-12-12 Christopher Faylor <me@cgf.cx>
|
||||
|
||||
* syscalls.cc (popen): Allow '[rw][bt]'.
|
||||
|
|
|
|||
|
|
@ -182,14 +182,13 @@ public:
|
|||
void deimpersonate ()
|
||||
{
|
||||
if (issetuid ())
|
||||
{
|
||||
RevertToSelf ();
|
||||
ImpersonateLoggedOnUser (hProcImpToken);
|
||||
}
|
||||
RevertToSelf ();
|
||||
}
|
||||
bool reimpersonate ()
|
||||
{
|
||||
return ImpersonateLoggedOnUser (issetuid () ? token () : hProcImpToken);
|
||||
if (issetuid ())
|
||||
return ImpersonateLoggedOnUser (token ());
|
||||
return true;
|
||||
}
|
||||
bool has_impersonation_tokens ()
|
||||
{ return external_token != NO_IMPERSONATION
|
||||
|
|
|
|||
|
|
@ -771,17 +771,6 @@ dll_crt0_0 ()
|
|||
|
||||
cygheap->cwd.init ();
|
||||
|
||||
/* Late duplicate simplifies tweaking the process token in uinfo.cc. */
|
||||
if (wincap.has_security ()
|
||||
&& !DuplicateTokenEx (hProcToken, MAXIMUM_ALLOWED, NULL,
|
||||
SecurityImpersonation, TokenImpersonation,
|
||||
&hProcImpToken))
|
||||
#ifdef DEBUGGING
|
||||
system_printf ("DuplicateTokenEx failed, %E");
|
||||
#else
|
||||
;
|
||||
#endif
|
||||
|
||||
debug_printf ("finished dll_crt0_0 initialization");
|
||||
}
|
||||
|
||||
|
|
@ -852,7 +841,7 @@ dll_crt0_1 (void *)
|
|||
|
||||
/* Can be set only after environment has been initialized. */
|
||||
if (wincap.has_security ())
|
||||
set_cygwin_privileges (hProcImpToken);
|
||||
set_cygwin_privileges (hProcToken);
|
||||
|
||||
if (!old_title && GetConsoleTitle (title_buf, TITLESIZE))
|
||||
old_title = title_buf;
|
||||
|
|
|
|||
|
|
@ -117,7 +117,8 @@ frok::child (void *)
|
|||
|
||||
if (wincap.has_security ())
|
||||
{
|
||||
set_cygwin_privileges (hProcImpToken);
|
||||
set_cygwin_privileges (hProcToken);
|
||||
clear_procimptoken ();
|
||||
cygheap->user.reimpersonate ();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -367,7 +367,7 @@ internal_getgroups (int gidsetsize, __gid32_t *grouplist, cygpsid * srchsid)
|
|||
if (cygheap->user.issetuid ())
|
||||
hToken = cygheap->user.token ();
|
||||
else
|
||||
hToken = hProcImpToken;
|
||||
hToken = hProcToken;
|
||||
|
||||
if (hToken)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -2129,6 +2129,17 @@ check_access (security_descriptor &sd, GENERIC_MAPPING &mapping,
|
|||
HANDLE tok = cygheap->user.issetuid () ? cygheap->user.token ()
|
||||
: hProcImpToken;
|
||||
|
||||
if (!tok && !DuplicateTokenEx (hProcToken, MAXIMUM_ALLOWED, NULL,
|
||||
SecurityImpersonation, TokenImpersonation,
|
||||
&hProcImpToken))
|
||||
#ifdef DEBUGGING
|
||||
system_printf ("DuplicateTokenEx failed, %E");
|
||||
#else
|
||||
syscall_printf ("DuplicateTokenEx failed, %E");
|
||||
#endif
|
||||
else
|
||||
tok = hProcImpToken;
|
||||
|
||||
if (!AccessCheck (sd, tok, desired, &mapping, pset, &plen, &granted, &status))
|
||||
__seterrno ();
|
||||
else if (!status)
|
||||
|
|
|
|||
|
|
@ -396,14 +396,14 @@ bool get_logon_server (const char * domain, char * server, WCHAR *wserver,
|
|||
int set_privilege (HANDLE token, enum cygpriv_idx privilege, bool enable);
|
||||
void set_cygwin_privileges (HANDLE token);
|
||||
|
||||
#define set_process_privilege(p,v) set_privilege (hProcImpToken, (p), (v))
|
||||
#define set_process_privilege(p,v) set_privilege (hProcToken, (p), (v))
|
||||
|
||||
#define _push_thread_privilege(_priv, _val, _check) { \
|
||||
HANDLE _token = NULL, _dup_token = NULL; \
|
||||
if (wincap.has_security ()) \
|
||||
{ \
|
||||
_token = (cygheap->user.issetuid () && (_check)) \
|
||||
? cygheap->user.token () : hProcImpToken; \
|
||||
? cygheap->user.token () : hProcToken; \
|
||||
if (!DuplicateTokenEx (_token, MAXIMUM_ALLOWED, NULL, \
|
||||
SecurityImpersonation, TokenImpersonation, \
|
||||
&_dup_token)) \
|
||||
|
|
@ -419,7 +419,10 @@ void set_cygwin_privileges (HANDLE token);
|
|||
#define pop_thread_privilege() \
|
||||
if (_dup_token) \
|
||||
{ \
|
||||
ImpersonateLoggedOnUser (_token); \
|
||||
if (_token == hProcToken) \
|
||||
RevertToSelf (); \
|
||||
else \
|
||||
ImpersonateLoggedOnUser (_token); \
|
||||
CloseHandle (_dup_token); \
|
||||
} \
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2418,9 +2418,7 @@ setegid32 (__gid32_t gid)
|
|||
cygheap->user.deimpersonate ();
|
||||
if (!SetTokenInformation (hProcToken, TokenPrimaryGroup, &gsid, sizeof gsid))
|
||||
debug_printf ("SetTokenInformation(hProcToken, TokenPrimaryGroup), %E");
|
||||
if (!SetTokenInformation (hProcImpToken, TokenPrimaryGroup, &gsid,
|
||||
sizeof gsid))
|
||||
debug_printf ("SetTokenInformation(hProcImpToken, TokenPrimaryGroup), %E");
|
||||
clear_procimptoken ();
|
||||
cygheap->user.reimpersonate ();
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -115,11 +115,9 @@ internal_getlogin (cygheap_user &user)
|
|||
if (!SetTokenInformation (hProcToken, TokenPrimaryGroup,
|
||||
&gsid, sizeof gsid))
|
||||
debug_printf ("SetTokenInformation(TokenPrimaryGroup), %E");
|
||||
if (!SetTokenInformation (hProcImpToken, TokenPrimaryGroup,
|
||||
&gsid, sizeof gsid))
|
||||
debug_printf ("SetTokenInformation(TokenPrimaryGroup), %E");
|
||||
else
|
||||
user.groups.pgsid = gsid;
|
||||
clear_procimptoken ();
|
||||
}
|
||||
}
|
||||
else
|
||||
|
|
|
|||
|
|
@ -360,6 +360,16 @@ extern HANDLE hMainThread;
|
|||
extern HANDLE hMainProc;
|
||||
extern HANDLE hProcToken;
|
||||
extern HANDLE hProcImpToken;
|
||||
|
||||
inline void clear_procimptoken ()
|
||||
{
|
||||
if (hProcImpToken)
|
||||
{
|
||||
CloseHandle (hProcImpToken);
|
||||
hProcImpToken = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
extern HANDLE hExeced;
|
||||
extern HMODULE cygwin_hmodule;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue