(get_supplementary_group_sidlist): Evolve into get_unix_group_sidlist.
(get_user_local_groups): Add check for duplicates.
(get_user_primary_group): Suppress.
(get_group_sidlist): Silently ignore PDC unavailability.
Call get_unix_group_sidlist() before get_user_local_groups().
Remove call to get_supplementary_group_sidlist(). Never call
get_user_primary_group() as the passwd group is always included.
Add well_known_authenticated_users_sid in only one statement.
domain as the local domain.
(get_group_sidlist): Add authenticated users SID to SYSTEM's group
list instead of SYSTEM itself.
(verify_token): Accept the primary group sid if it equals
the token user sid.
(INHERIT_ALL): Ditto.
(INHERIT_ONLY): Ditto.
* sec_acl.cc: Use appropriate defines from accctrl.h instead of the
above throughout.
* security.cc: Ditto.
(RegQueryInfoKeyA): Ditto.
* fhandler.h (fhandler_virtual::fill_filebuf): Change return type to bool.
(fhandler_proc::fill_filebuf): Ditto.
(fhandler_registry::fill_filebuf): Ditto.
(fhandler_process::fill_filebuf): Ditto.
(fhandler_registry::value_name): Add new member.
(fhandler_registry::close): Add new method.
(fhandler_process::p): Remove member.
* fhandler_proc.cc (fhandler_proc::open): Add set_nohandle after calling
superclass method. Check return value of fill_filebuf.
(fhandler_proc::fill_filebuf): Change return type to bool. Add return
statement.
* fhandler_process.cc (fhandler_process::open): Add set_nohandle after calling
superclass method. Remove references to p. Check return value of
fill_filebuf.
(fhandler_process::fill_filebuf): Change return type to bool. Don't use
dereference operator on p. Add return statement.
(fhandler_process::format_process_stat): Fix typo.
* fhandler_registry.cc: Add static open_key declaration.
(fhandler_registry::exists): Assume path is already normalised. Try opening
the path as a key in its own right first, before reverting to enumerating
subkeys and values of the parent key.
(fhandler_registry::fstat): Add additional code to return more relevant
information about the registry key/value.
(fhandler_registry::readdir): Explicitly set desired access when opening
registry key. Remove output of buf from debug_printf format string.
(fhandler_registry::open): Use set_io_handle to store registry key handle. Set
value_name member. Move code to read a value from the registry to
fill_filebuf. Add call to fill_filebuf.
(fhandler_registry::close): New method.
(fhandler_registry::fill_filebuf): Change return type to bool. Add code to
read a value from registry.
(fhandler_registry::open_key): Make function static. Use KEY_READ as desired
access unless this is the last path component. Check the return value of
RegOpenKeyEx for an error instead of hKey.
* fhandler_virtual.cc (fhandler_virtual::lseek): Check the return value of
fill_filebuf.
(fhandler_virtual::open): Remove call to set_nohandle.
(fhandler_virtual::fill_filebuf): Change return type to bool. Add return
statement.
* security.cc (get_nt_object_attribute): New function.
(get_object_attribute): New function.
* security.h (get_object_attribute): New function declaration.
Call LookupAccountSid after trying to get domain & user from passwd.
(get_group_sidlist): Obtain the domain and user by calling
extract_nt_dom_user instead of LookupAccountSid.
to get_supplementary_group_sidlist.
(create_token): Add pw argument and use it in call to get_group_sidlist.
* security.h: Add pw argument in declaration of create_token.
* syscalls.cc (seteuid32): Add pw argument in call to create_token.
Check uid for current user first and use SIDs from cygheap if so.
Set errno to EINVAL if user SID isn't retrievable. Just print user SID
as debug output.
Don't bail out if group SID isn't retrievable. Change debug output
appropriately.
(cygheap_user::env_logsrv): Verify env_domain is valid.
* environ.cc: Include child_info.h and keep spenvs[] sorted.
(environ_init): Check child_proc_info instead of myself->ppid_handle.
* environ.cc (spenv::retrieve): Add debugging statements.
* pinfo.cc (set_myself): Don't call strace.hello if already stracing.
* strace.cc (strace): Move NO_COPY keyword so that it will actually take
effect.
command-line setting.
* cygwin.din: Export sexec* functions as function which returns ENOSYS
(i.e., sexec* is deprecated).
* dtable.cc (dtable::vfork_child_dup): Ensure that impersonation is restored
even on failure.
* exec.cc: Throughout, remove references to sexec* and _spawnve.
* pinfo.h: Remove _spawnve declaration.
* spawn.cc: Rename _spawnve to spawnve and use throughout.
(spawn_guts): Eliminate hToken argument and processing of same. Just perform
special actions if impersonating.
(spawnve): Rename from _spawnve.
* security.cc (alloc_sd): Remove logsrv argument.
Remove two calls to lookup_name.
(set_security_attribute): Remove logsrv argument.
Remove logsrv argument in call to alloc_sd.
(set_nt_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_security_attribute.
(set_file_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_nt_attribute.
(set_file_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_file_attribute.
* syscalls.cc (chown_worker): Remove logserver argument in
call to set_file_attribute.
(chmod): Ditto.
* shm.cc (shmget): Remove logsrv argument in call to alloc_sd.
* uinfo.cc (internal_getlogin): Replace calls to
lookup_name by call to LookupAccountName.
* security.h: Remove logsrv in declarations of set_file_attribute
and alloc_sd. Remove declaration of lookup_name.
(get_lsa_srv_inf): Suppressed.
(get_logon_server_and_user_domain): Suppressed.
(get_logon_server): Essentially new.
(get_user_groups): Add "domain" argument. Only lookup the
designated server and use "domain" in LookupAccountName.
(is_group_member): Simplify the arguments.
(get_user_local_groups): Simplify the arguments. Do only a
local lookup. Use "BUILTIN" and local domain in LookupAccountName.
(get_user_primary_group). Only lookup the designated server.
(get_group_sidlist): Remove logonserver argument. Do not lookup
any server for the SYSTEM account.
(create_token): Delete logonserver and call to get_logon_server.
Adjust arguments of get_group_sidlist, see above.
* security.h: Delete declaration of get_logon_server_and_user_domain
and add declaration of get_logon_server.
* uinfo.cc (internal_get_login): Call get_logon_server instead of
get_logon_server_and_user_domain.
* fhandler.h (fhandler_proc::fill_filebuf): Take a pinfo argument.
* fhandler_proc.cc (fhandler_proc::get_proc_fhandler): Simplify search for
given pid.
(fhandler_proc::readdir): Assume that pid exists if it shows up in the winpid
list.
* fhandler_process.cc (fhandler_process::open): Simplify search for given pid.
Call fill_filebuf with pinfo argument.
(fhandler_process::fill_filebuf): Pass pinfo here and assume that it exists.
* pinfo.h (pinfo::remember): Define differently if sigproc.h is not included.
* dll_init.cc (dll_list::detach): Don't run destructor on exit.
(LoadFuncEx2): Adapted from LoadFuncEx. Provides control of return value for
nonexistent function.
(NtQueryObject): Declare.
(IsDebuggerPresent): Declare via LoadFuncEx2 and always return true if not
available.
* debug.h (being_debugged): Just rely on IsDebuggerPresent return value.
* dtable.cc (handle_to_fn): New function.
(dtable::init_std_file_from_handle): Attempt to derive std handle's name via
handle_to_fn.
(dtable::build_fhandler_from_name): Fill in what we can in path_conv structure
when given a handle and path doesn't exist.
* fhandler.cc (fhandler_base::open): Don't set the file pointer here. Use
pc->exists () to determine if file exists rather than calling GetFileAttributes
again.
* fhandler.h (fhandler_base::exec_state_isknown): New method.
(fhandler_base::fstat_helper): Add extra arguments to declaration.
(fhandler_base::fstat_by_handle): Declare new method.
(fhandler_base::fstat_by_name): Declare new method.
* fhandler_disk_file (num_entries): Make __stdcall.
(fhandler_base::fstat_by_handle): Define new method.
(fhandler_base::fstat_by_name): Define new method.
(fhandler_base:fstat): Call fstat_by_{handle,name} as appropriate.
(fhandler_disk_file::fstat_helper): Accept extra arguments for filling out stat
structure. Move handle or name specific stuff to new methods above.
(fhandler_disk_file::open): Use real_path->exists rather than calling
GetFileAttributes again.
* ntdll.h (FILE_NAME_INFORMATION): Define new structure.
(OBJECT_INFORMATION_CLASS): Partially define new enum.
(OBJECT_NAME_INFORMATION): Define new structure.
(NtQueryInformationFile): New declaration.
(NtQueryObject): New declaration.
* path.cc (path_conv::fillin): Define new method.
* path.h (path_conv::fillin): Declare new method.
(path_conv::drive_thpe): Rename from 'get_drive_type'.
(path_conv::volser): Declare new method.
(path_conv::volname): Declare new method.
(path_conv::root_dir): Declare new method.
* syscalls.cc (fstat64): Send real path_conv to fstat as second argument.
where appropriate, throughout. Remove unneeded exceptions.h, where
appropriate, throughout. Remove unneeded perprocess.h, where appropriate,
throughout.
INVALID_HANDLE_VALUE instead of NULL.
(get_logon_server_and_user_domain): Test for INVALID_HANDLE_VALUE
instead of NULL.
(create_token): Both of the above.
Replace in-line code by call to verify_token().
(setegid): Reverse change from 2002-01-21. Add call to
RevertToSelf and set primary group in impersonation token.
* security.cc (create_token): Store pgrpsid in token security
descriptor, except if it already appears in my_grps.
Use sec_acl() in place of get_dacl().
(verify_token): Create from code in seteuid(), with tighter checks.
(get_dacl) Deleted.
(get_group_sidlist): Add argument to indicate if pgrpsid is already
in the groups.
* security.h: Define verify_token().
* autoload.cc: Load GetKernelObjectSecurity().
(NetServerEnum): Remove symbol.
* security.cc (get_lsa_srv_inf): Call NetGetDCName() instead of
NetServerEnum() since it's faster. Don't call it at all if machine
is not a domain member.
inheritance/permission.
* spawn.cc (spawn_guts): Ditto.
* security.cc (create_token): Initialize token so that it is not tested for
bogus value later. Use sec_user to control process/thread creation.
* security.h (__sec_user): Rename declaration from sec_user.
(sec_user_nih): Declare here as inline function wrapper for __sec_user.
(sec_user): Ditto.
* sigproc.cc (czombies): Allocate a character array for zombies to avoid
constructor overhead
(extremely hackish, I know).
(cpchildren): Ditto.
(pchildren): New define.
(zombies): Ditto.
(getsem): Use sec_user_nih to control semaphore inheritance/permission.
(get_group_sidlist): Call get_supplementary_group_sidlist() to
retrieve list of supplementary groups SIDs from /etc/group and
add them to the user's group list.
* fhandler.h (fhandler_dev_raw::get_unit): New method.
(fhandler_dev_tape::norewind): Eliminate.
(fhandler_dev_tape::is_rewind_device): New method.
* fhandler_raw.cc (fhandler_dev_raw::open): Open new
fixed device name devices using NT internal method.
Keep calling fhandler_base::open() for old mount table
device mapping compatibility devices.
(fhandler_dev_raw::fstat): Eliminate. Settings are done
by fhandler_base::fstat() already.
* fhandler_tape.cc: Remove `norewind' usage throughout.
* ntdll.h: Define FILE_SYNCHRONOUS_IO_NONALERT.
Define struct _IO_STATUS_BLOCK.
Declare NtOpenFile().
* path.cc (get_raw_device_number): Add new approach for
using fixed device names.
(win32_device_name): Ditto.
(get_device_number): Ditto. Require POSIX path to begin
with "/dev/".
(mount_info::conv_to_win32_path): Call win32_device_name()
instead of get_device_number() after evaluating mount points
to allow changing the win32 destination path again.
* security.cc (str2buf2uni): Remove `static' to be able to
call function from fhandler_dev_raw::open().
* wincap.cc: Set flag has_raw_devices appropriately.
* wincap.h: Add flag has_raw_devices.
a failure.
* times.cc (utimes): On NTFS with ntsec ON, change the file's
security descriptor temporarily to acquire write access if
opening the file failed.