* autoload.cc (SetSecurityDescriptorControl): Drop.
* security.cc (alloc_sd): Set security descriptor control flag without calling SetSecurityDescriptorControl function. * wincap.h (wincapc::has_dacl_protect): Rename from has_security_descriptor_control. * wincap.cc: Ditto throughout.
This commit is contained in:
parent
5f9c8e2a87
commit
63a87c815a
|
@ -1,3 +1,12 @@
|
||||||
|
2007-07-19 Corinna Vinschen <corinna@vinschen.de>
|
||||||
|
|
||||||
|
* autoload.cc (SetSecurityDescriptorControl): Drop.
|
||||||
|
* security.cc (alloc_sd): Set security descriptor control flag without
|
||||||
|
calling SetSecurityDescriptorControl function.
|
||||||
|
* wincap.h (wincapc::has_dacl_protect): Rename from
|
||||||
|
has_security_descriptor_control.
|
||||||
|
* wincap.cc: Ditto throughout.
|
||||||
|
|
||||||
2007-07-19 Corinna Vinschen <corinna@vinschen.de>
|
2007-07-19 Corinna Vinschen <corinna@vinschen.de>
|
||||||
|
|
||||||
* autoload.cc (SetUserObjectSecurity): Drop.
|
* autoload.cc (SetUserObjectSecurity): Drop.
|
||||||
|
|
|
@ -298,8 +298,6 @@ wsock_init ()
|
||||||
|
|
||||||
LoadDLLprime (ws2_32, _wsock_init)
|
LoadDLLprime (ws2_32, _wsock_init)
|
||||||
|
|
||||||
LoadDLLfunc (SetSecurityDescriptorControl, 12, advapi32)
|
|
||||||
|
|
||||||
/* 127 == ERROR_PROC_NOT_FOUND */
|
/* 127 == ERROR_PROC_NOT_FOUND */
|
||||||
LoadDLLfuncEx2 (DsGetDcNameA, 24, netapi32, 1, 127)
|
LoadDLLfuncEx2 (DsGetDcNameA, 24, netapi32, 1, 127)
|
||||||
LoadDLLfunc (NetApiBufferFree, 4, netapi32)
|
LoadDLLfunc (NetApiBufferFree, 4, netapi32)
|
||||||
|
|
|
@ -1631,14 +1631,10 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/* We set the SE_DACL_PROTECTED flag here to prevent the DACL from being
|
||||||
* We set the SE_DACL_PROTECTED flag here to prevent the DACL from being
|
* modified by inheritable ACEs. This flag is available since Win2K. */
|
||||||
* modified by inheritable ACEs.
|
if (wincap.has_dacl_protect ())
|
||||||
* This flag as well as the SetSecurityDescriptorControl call are available
|
sd.Control |= SE_DACL_PROTECTED;
|
||||||
* only since Win2K.
|
|
||||||
*/
|
|
||||||
if (wincap.has_security_descriptor_control ())
|
|
||||||
SetSecurityDescriptorControl (&sd, SE_DACL_PROTECTED, SE_DACL_PROTECTED);
|
|
||||||
|
|
||||||
/* Create owner for local security descriptor. */
|
/* Create owner for local security descriptor. */
|
||||||
if (!SetSecurityDescriptorOwner (&sd, owner_sid, FALSE))
|
if (!SetSecurityDescriptorOwner (&sd, owner_sid, FALSE))
|
||||||
|
|
|
@ -18,7 +18,7 @@ static NO_COPY wincaps wincap_unknown = {
|
||||||
heapslop:0x0,
|
heapslop:0x0,
|
||||||
max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE,
|
max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE,
|
||||||
is_server:false,
|
is_server:false,
|
||||||
has_security_descriptor_control:false,
|
has_dacl_protect:false,
|
||||||
has_ip_helper_lib:false,
|
has_ip_helper_lib:false,
|
||||||
has_broken_if_oper_status:false,
|
has_broken_if_oper_status:false,
|
||||||
has_physical_mem_access:true,
|
has_physical_mem_access:true,
|
||||||
|
@ -47,7 +47,7 @@ static NO_COPY wincaps wincap_nt4 = {
|
||||||
heapslop:0x0,
|
heapslop:0x0,
|
||||||
max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE,
|
max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE,
|
||||||
is_server:false,
|
is_server:false,
|
||||||
has_security_descriptor_control:false,
|
has_dacl_protect:false,
|
||||||
has_ip_helper_lib:false,
|
has_ip_helper_lib:false,
|
||||||
has_broken_if_oper_status:false,
|
has_broken_if_oper_status:false,
|
||||||
has_physical_mem_access:true,
|
has_physical_mem_access:true,
|
||||||
|
@ -76,7 +76,7 @@ static NO_COPY wincaps wincap_nt4sp4 = {
|
||||||
heapslop:0x0,
|
heapslop:0x0,
|
||||||
max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE,
|
max_sys_priv:SE_CHANGE_NOTIFY_PRIVILEGE,
|
||||||
is_server:false,
|
is_server:false,
|
||||||
has_security_descriptor_control:false,
|
has_dacl_protect:false,
|
||||||
has_ip_helper_lib:true,
|
has_ip_helper_lib:true,
|
||||||
has_broken_if_oper_status:true,
|
has_broken_if_oper_status:true,
|
||||||
has_physical_mem_access:true,
|
has_physical_mem_access:true,
|
||||||
|
@ -105,7 +105,7 @@ static NO_COPY wincaps wincap_2000 = {
|
||||||
heapslop:0x0,
|
heapslop:0x0,
|
||||||
max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE,
|
max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE,
|
||||||
is_server:false,
|
is_server:false,
|
||||||
has_security_descriptor_control:true,
|
has_dacl_protect:true,
|
||||||
has_ip_helper_lib:true,
|
has_ip_helper_lib:true,
|
||||||
has_broken_if_oper_status:false,
|
has_broken_if_oper_status:false,
|
||||||
has_physical_mem_access:true,
|
has_physical_mem_access:true,
|
||||||
|
@ -134,7 +134,7 @@ static NO_COPY wincaps wincap_2000sp4 = {
|
||||||
heapslop:0x0,
|
heapslop:0x0,
|
||||||
max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE,
|
max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE,
|
||||||
is_server:false,
|
is_server:false,
|
||||||
has_security_descriptor_control:true,
|
has_dacl_protect:true,
|
||||||
has_ip_helper_lib:true,
|
has_ip_helper_lib:true,
|
||||||
has_broken_if_oper_status:false,
|
has_broken_if_oper_status:false,
|
||||||
has_physical_mem_access:true,
|
has_physical_mem_access:true,
|
||||||
|
@ -163,7 +163,7 @@ static NO_COPY wincaps wincap_xp = {
|
||||||
heapslop:0x0,
|
heapslop:0x0,
|
||||||
max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE,
|
max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE,
|
||||||
is_server:false,
|
is_server:false,
|
||||||
has_security_descriptor_control:true,
|
has_dacl_protect:true,
|
||||||
has_ip_helper_lib:true,
|
has_ip_helper_lib:true,
|
||||||
has_broken_if_oper_status:false,
|
has_broken_if_oper_status:false,
|
||||||
has_physical_mem_access:true,
|
has_physical_mem_access:true,
|
||||||
|
@ -192,7 +192,7 @@ static NO_COPY wincaps wincap_xpsp1 = {
|
||||||
heapslop:0x0,
|
heapslop:0x0,
|
||||||
max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE,
|
max_sys_priv:SE_MANAGE_VOLUME_PRIVILEGE,
|
||||||
is_server:false,
|
is_server:false,
|
||||||
has_security_descriptor_control:true,
|
has_dacl_protect:true,
|
||||||
has_ip_helper_lib:true,
|
has_ip_helper_lib:true,
|
||||||
has_broken_if_oper_status:false,
|
has_broken_if_oper_status:false,
|
||||||
has_physical_mem_access:true,
|
has_physical_mem_access:true,
|
||||||
|
@ -221,7 +221,7 @@ static NO_COPY wincaps wincap_xpsp2 = {
|
||||||
heapslop:0x0,
|
heapslop:0x0,
|
||||||
max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE,
|
max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE,
|
||||||
is_server:false,
|
is_server:false,
|
||||||
has_security_descriptor_control:true,
|
has_dacl_protect:true,
|
||||||
has_ip_helper_lib:true,
|
has_ip_helper_lib:true,
|
||||||
has_broken_if_oper_status:false,
|
has_broken_if_oper_status:false,
|
||||||
has_physical_mem_access:true,
|
has_physical_mem_access:true,
|
||||||
|
@ -250,7 +250,7 @@ static NO_COPY wincaps wincap_2003 = {
|
||||||
heapslop:0x4,
|
heapslop:0x4,
|
||||||
max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE,
|
max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE,
|
||||||
is_server:true,
|
is_server:true,
|
||||||
has_security_descriptor_control:true,
|
has_dacl_protect:true,
|
||||||
has_ip_helper_lib:true,
|
has_ip_helper_lib:true,
|
||||||
has_broken_if_oper_status:false,
|
has_broken_if_oper_status:false,
|
||||||
has_physical_mem_access:false,
|
has_physical_mem_access:false,
|
||||||
|
@ -279,7 +279,7 @@ static NO_COPY wincaps wincap_vista = {
|
||||||
heapslop:0x4,
|
heapslop:0x4,
|
||||||
max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE,
|
max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE,
|
||||||
is_server:false,
|
is_server:false,
|
||||||
has_security_descriptor_control:true,
|
has_dacl_protect:true,
|
||||||
has_ip_helper_lib:true,
|
has_ip_helper_lib:true,
|
||||||
has_broken_if_oper_status:false,
|
has_broken_if_oper_status:false,
|
||||||
has_physical_mem_access:false,
|
has_physical_mem_access:false,
|
||||||
|
|
|
@ -17,7 +17,7 @@ struct wincaps
|
||||||
DWORD heapslop;
|
DWORD heapslop;
|
||||||
DWORD max_sys_priv;
|
DWORD max_sys_priv;
|
||||||
unsigned is_server : 1;
|
unsigned is_server : 1;
|
||||||
unsigned has_security_descriptor_control : 1;
|
unsigned has_dacl_protect : 1;
|
||||||
unsigned has_ip_helper_lib : 1;
|
unsigned has_ip_helper_lib : 1;
|
||||||
unsigned has_broken_if_oper_status : 1;
|
unsigned has_broken_if_oper_status : 1;
|
||||||
unsigned has_physical_mem_access : 1;
|
unsigned has_physical_mem_access : 1;
|
||||||
|
@ -62,7 +62,7 @@ public:
|
||||||
DWORD IMPLEMENT (heapslop)
|
DWORD IMPLEMENT (heapslop)
|
||||||
DWORD IMPLEMENT (max_sys_priv)
|
DWORD IMPLEMENT (max_sys_priv)
|
||||||
bool IMPLEMENT (is_server)
|
bool IMPLEMENT (is_server)
|
||||||
bool IMPLEMENT (has_security_descriptor_control)
|
bool IMPLEMENT (has_dacl_protect)
|
||||||
bool IMPLEMENT (has_ip_helper_lib)
|
bool IMPLEMENT (has_ip_helper_lib)
|
||||||
bool IMPLEMENT (has_broken_if_oper_status)
|
bool IMPLEMENT (has_broken_if_oper_status)
|
||||||
bool IMPLEMENT (has_physical_mem_access)
|
bool IMPLEMENT (has_physical_mem_access)
|
||||||
|
|
Loading…
Reference in New Issue