* autoload.cc (SetSecurityDescriptorControl): Drop.

* security.cc (alloc_sd): Set security descriptor control flag without
	calling SetSecurityDescriptorControl function.
	* wincap.h (wincapc::has_dacl_protect): Rename from
	has_security_descriptor_control.
	* wincap.cc: Ditto throughout.
This commit is contained in:
Corinna Vinschen 2007-07-19 09:06:54 +00:00
parent 5f9c8e2a87
commit 63a87c815a
5 changed files with 25 additions and 22 deletions

View File

@ -1,3 +1,12 @@
2007-07-19 Corinna Vinschen <corinna@vinschen.de>
* autoload.cc (SetSecurityDescriptorControl): Drop.
* security.cc (alloc_sd): Set security descriptor control flag without
calling SetSecurityDescriptorControl function.
* wincap.h (wincapc::has_dacl_protect): Rename from
has_security_descriptor_control.
* wincap.cc: Ditto throughout.
2007-07-19 Corinna Vinschen <corinna@vinschen.de> 2007-07-19 Corinna Vinschen <corinna@vinschen.de>
* autoload.cc (SetUserObjectSecurity): Drop. * autoload.cc (SetUserObjectSecurity): Drop.

View File

@ -298,8 +298,6 @@ wsock_init ()
LoadDLLprime (ws2_32, _wsock_init) LoadDLLprime (ws2_32, _wsock_init)
LoadDLLfunc (SetSecurityDescriptorControl, 12, advapi32)
/* 127 == ERROR_PROC_NOT_FOUND */ /* 127 == ERROR_PROC_NOT_FOUND */
LoadDLLfuncEx2 (DsGetDcNameA, 24, netapi32, 1, 127) LoadDLLfuncEx2 (DsGetDcNameA, 24, netapi32, 1, 127)
LoadDLLfunc (NetApiBufferFree, 4, netapi32) LoadDLLfunc (NetApiBufferFree, 4, netapi32)

View File

@ -1631,14 +1631,10 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
return NULL; return NULL;
} }
/* /* We set the SE_DACL_PROTECTED flag here to prevent the DACL from being
* We set the SE_DACL_PROTECTED flag here to prevent the DACL from being * modified by inheritable ACEs. This flag is available since Win2K. */
* modified by inheritable ACEs. if (wincap.has_dacl_protect ())
* This flag as well as the SetSecurityDescriptorControl call are available sd.Control |= SE_DACL_PROTECTED;
* only since Win2K.
*/
if (wincap.has_security_descriptor_control ())
SetSecurityDescriptorControl (&sd, SE_DACL_PROTECTED, SE_DACL_PROTECTED);
/* Create owner for local security descriptor. */ /* Create owner for local security descriptor. */
if (!SetSecurityDescriptorOwner (&sd, owner_sid, FALSE)) if (!SetSecurityDescriptorOwner (&sd, owner_sid, FALSE))

View File

@ -18,7 +18,7 @@ static NO_COPY wincaps wincap_unknown = {
heapslop:0x0, heapslop:0x0,
max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE, max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE,
is_server:false, is_server:false,
has_security_descriptor_control:false, has_dacl_protect:false,
has_ip_helper_lib:false, has_ip_helper_lib:false,
has_broken_if_oper_status:false, has_broken_if_oper_status:false,
has_physical_mem_access:true, has_physical_mem_access:true,
@ -47,7 +47,7 @@ static NO_COPY wincaps wincap_nt4 = {
heapslop:0x0, heapslop:0x0,
max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE, max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE,
is_server:false, is_server:false,
has_security_descriptor_control:false, has_dacl_protect:false,
has_ip_helper_lib:false, has_ip_helper_lib:false,
has_broken_if_oper_status:false, has_broken_if_oper_status:false,
has_physical_mem_access:true, has_physical_mem_access:true,
@ -76,7 +76,7 @@ static NO_COPY wincaps wincap_nt4sp4 = {
heapslop:0x0, heapslop:0x0,
max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE, max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE,
is_server:false, is_server:false,
has_security_descriptor_control:false, has_dacl_protect:false,
has_ip_helper_lib:true, has_ip_helper_lib:true,
has_broken_if_oper_status:true, has_broken_if_oper_status:true,
has_physical_mem_access:true, has_physical_mem_access:true,
@ -105,7 +105,7 @@ static NO_COPY wincaps wincap_2000 = {
heapslop:0x0, heapslop:0x0,
max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE, max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE,
is_server:false, is_server:false,
has_security_descriptor_control:true, has_dacl_protect:true,
has_ip_helper_lib:true, has_ip_helper_lib:true,
has_broken_if_oper_status:false, has_broken_if_oper_status:false,
has_physical_mem_access:true, has_physical_mem_access:true,
@ -134,7 +134,7 @@ static NO_COPY wincaps wincap_2000sp4 = {
heapslop:0x0, heapslop:0x0,
max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE, max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE,
is_server:false, is_server:false,
has_security_descriptor_control:true, has_dacl_protect:true,
has_ip_helper_lib:true, has_ip_helper_lib:true,
has_broken_if_oper_status:false, has_broken_if_oper_status:false,
has_physical_mem_access:true, has_physical_mem_access:true,
@ -163,7 +163,7 @@ static NO_COPY wincaps wincap_xp = {
heapslop:0x0, heapslop:0x0,
max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE, max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE,
is_server:false, is_server:false,
has_security_descriptor_control:true, has_dacl_protect:true,
has_ip_helper_lib:true, has_ip_helper_lib:true,
has_broken_if_oper_status:false, has_broken_if_oper_status:false,
has_physical_mem_access:true, has_physical_mem_access:true,
@ -192,7 +192,7 @@ static NO_COPY wincaps wincap_xpsp1 = {
heapslop:0x0, heapslop:0x0,
max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE, max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE,
is_server:false, is_server:false,
has_security_descriptor_control:true, has_dacl_protect:true,
has_ip_helper_lib:true, has_ip_helper_lib:true,
has_broken_if_oper_status:false, has_broken_if_oper_status:false,
has_physical_mem_access:true, has_physical_mem_access:true,
@ -221,7 +221,7 @@ static NO_COPY wincaps wincap_xpsp2 = {
heapslop:0x0, heapslop:0x0,
max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE, max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE,
is_server:false, is_server:false,
has_security_descriptor_control:true, has_dacl_protect:true,
has_ip_helper_lib:true, has_ip_helper_lib:true,
has_broken_if_oper_status:false, has_broken_if_oper_status:false,
has_physical_mem_access:true, has_physical_mem_access:true,
@ -250,7 +250,7 @@ static NO_COPY wincaps wincap_2003 = {
heapslop:0x4, heapslop:0x4,
max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE, max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE,
is_server:true, is_server:true,
has_security_descriptor_control:true, has_dacl_protect:true,
has_ip_helper_lib:true, has_ip_helper_lib:true,
has_broken_if_oper_status:false, has_broken_if_oper_status:false,
has_physical_mem_access:false, has_physical_mem_access:false,
@ -279,7 +279,7 @@ static NO_COPY wincaps wincap_vista = {
heapslop:0x4, heapslop:0x4,
max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE,
is_server:false, is_server:false,
has_security_descriptor_control:true, has_dacl_protect:true,
has_ip_helper_lib:true, has_ip_helper_lib:true,
has_broken_if_oper_status:false, has_broken_if_oper_status:false,
has_physical_mem_access:false, has_physical_mem_access:false,

View File

@ -17,7 +17,7 @@ struct wincaps
DWORD heapslop; DWORD heapslop;
DWORD max_sys_priv; DWORD max_sys_priv;
unsigned is_server : 1; unsigned is_server : 1;
unsigned has_security_descriptor_control : 1; unsigned has_dacl_protect : 1;
unsigned has_ip_helper_lib : 1; unsigned has_ip_helper_lib : 1;
unsigned has_broken_if_oper_status : 1; unsigned has_broken_if_oper_status : 1;
unsigned has_physical_mem_access : 1; unsigned has_physical_mem_access : 1;
@ -62,7 +62,7 @@ public:
DWORD IMPLEMENT (heapslop) DWORD IMPLEMENT (heapslop)
DWORD IMPLEMENT (max_sys_priv) DWORD IMPLEMENT (max_sys_priv)
bool IMPLEMENT (is_server) bool IMPLEMENT (is_server)
bool IMPLEMENT (has_security_descriptor_control) bool IMPLEMENT (has_dacl_protect)
bool IMPLEMENT (has_ip_helper_lib) bool IMPLEMENT (has_ip_helper_lib)
bool IMPLEMENT (has_broken_if_oper_status) bool IMPLEMENT (has_broken_if_oper_status)
bool IMPLEMENT (has_physical_mem_access) bool IMPLEMENT (has_physical_mem_access)