From cce28460fe93c21d30e227331dcbbdf1d29a96b9 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Thu, 19 Jul 2007 08:33:22 +0000 Subject: * cygheap.h (init_cygheap::luid): Remove. * mmap.cc (mlock): Accommodate parameter change in call to push_thread_privilege. (munlock): Ditto. * ntdll.h (STATUS_NOT_ALL_ASSIGNED): Define. (NtAdjustPrivilegesToken): Declare. * sec_helper.cc (cygpriv): Reorder to match numerical privilege order. (privilege_luid): Take job of privilege_luid_by_name, using new cygpriv. (privilege_luid_by_name): Remove. (privilege_name): Accommodate new cygpriv array. (set_privilege): Call NtAdjustPrivilegesToken to avoid using advapi32. Accommodate changes to privilege_name. (set_cygwin_privileges): Simplify. Don't try to set SE_CREATE_GLOBAL_PRIVILEGE on systems not supporting it. * security.cc (sys_privs): Reorder to match numerical privilege order. Use real privilege values as defined in security.h. (get_system_priv_list): Drop unused grp_list argument. Create list of privileges according to new wincapc::max_sys_priv value. (get_priv_list): Call privilege_luid instead of privilege_luid_by_name. Make priv a local value instead of a pointer. (create_token): Accommodate parameter change in call to push_self_privilege. (lsaauth): Ditto. (check_access): Use privilege values directly instead of calling privilege_luid. * security.h: Define real privilege values. (cygpriv_idx): Remove. (privilege_luid): Change declaration. (privilege_luid_by_name): Drop declaration. (set_privilege): Change declaration. (set_process_privilege): Drop definition. (_push_thread_privilege): Accomodate new set_privilege parameters. * wincap.h (wincapc::max_sys_priv): New element. * wincap.cc: Implement above element throughout. (wincap_2000sp4): New wincaps structure. (wincap_xpsp1): Ditto. (wincap_xpsp2): Ditto. (wincapc::init): Use new wincaps. (wincapc::max_sys_priv): New element. --- winsup/cygwin/security.cc | 111 ++++++++++++++++++++++++---------------------- 1 file changed, 58 insertions(+), 53 deletions(-) (limited to 'winsup/cygwin/security.cc') diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 2c3cb141c..d76bbb1d8 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -562,46 +562,50 @@ get_setgroups_sidlist (cygsidlist &tmp_list, PSID usersid, struct passwd *pw, tmp_list += groups.pgsid; } -static const cygpriv_idx sys_privs[] = { - SE_TCB_PRIV, - SE_ASSIGNPRIMARYTOKEN_PRIV, - SE_CREATE_TOKEN_PRIV, - SE_CHANGE_NOTIFY_PRIV, - SE_SECURITY_PRIV, - SE_BACKUP_PRIV, - SE_RESTORE_PRIV, - SE_SYSTEMTIME_PRIV, - SE_SHUTDOWN_PRIV, - SE_REMOTE_SHUTDOWN_PRIV, - SE_TAKE_OWNERSHIP_PRIV, - SE_DEBUG_PRIV, - SE_SYSTEM_ENVIRONMENT_PRIV, - SE_SYSTEM_PROFILE_PRIV, - SE_PROF_SINGLE_PROCESS_PRIV, - SE_INC_BASE_PRIORITY_PRIV, - SE_LOAD_DRIVER_PRIV, - SE_CREATE_PAGEFILE_PRIV, - SE_INCREASE_QUOTA_PRIV, - SE_LOCK_MEMORY_PRIV, - SE_CREATE_PERMANENT_PRIV, - SE_AUDIT_PRIV, - SE_UNDOCK_PRIV, - SE_MANAGE_VOLUME_PRIV, - SE_IMPERSONATE_PRIV, - SE_CREATE_GLOBAL_PRIV, - SE_INCREASE_WORKING_SET_PRIV, - SE_TIME_ZONE_PRIV, - SE_CREATE_SYMBOLIC_LINK_PRIV +static ULONG sys_privs[] = { + SE_CREATE_TOKEN_PRIVILEGE, + SE_ASSIGNPRIMARYTOKEN_PRIVILEGE, + SE_LOCK_MEMORY_PRIVILEGE, + SE_INCREASE_QUOTA_PRIVILEGE, + SE_TCB_PRIVILEGE, + SE_SECURITY_PRIVILEGE, + SE_TAKE_OWNERSHIP_PRIVILEGE, + SE_LOAD_DRIVER_PRIVILEGE, + SE_SYSTEM_PROFILE_PRIVILEGE, /* Vista ONLY */ + SE_SYSTEMTIME_PRIVILEGE, + SE_PROF_SINGLE_PROCESS_PRIVILEGE, + SE_INC_BASE_PRIORITY_PRIVILEGE, + SE_CREATE_PAGEFILE_PRIVILEGE, + SE_CREATE_PERMANENT_PRIVILEGE, + SE_BACKUP_PRIVILEGE, + SE_RESTORE_PRIVILEGE, + SE_SHUTDOWN_PRIVILEGE, + SE_DEBUG_PRIVILEGE, + SE_AUDIT_PRIVILEGE, + SE_SYSTEM_ENVIRONMENT_PRIVILEGE, + SE_CHANGE_NOTIFY_PRIVILEGE, + SE_UNDOCK_PRIVILEGE, + SE_MANAGE_VOLUME_PRIVILEGE, + SE_IMPERSONATE_PRIVILEGE, + SE_CREATE_GLOBAL_PRIVILEGE, + SE_INCREASE_WORKING_SET_PRIVILEGE, + SE_TIME_ZONE_PRIVILEGE, + SE_CREATE_SYMBOLIC_LINK_PRIVILEGE }; #define SYSTEM_PRIVILEGES_COUNT (sizeof sys_privs / sizeof *sys_privs) static PTOKEN_PRIVILEGES -get_system_priv_list (cygsidlist &grp_list, size_t &size) +get_system_priv_list (size_t &size) { - const LUID *priv; - size = sizeof (ULONG) - + SYSTEM_PRIVILEGES_COUNT * sizeof (LUID_AND_ATTRIBUTES); + ULONG max_idx = 0; + while (max_idx < SYSTEM_PRIVILEGES_COUNT + && sys_privs[max_idx] != wincap.max_sys_priv ()) + ++max_idx; + if (max_idx >= SYSTEM_PRIVILEGES_COUNT) + api_fatal ("Coding error: wincap privilege %u doesn't exist in sys_privs", + wincap.max_sys_priv ()); + size = sizeof (ULONG) + (max_idx + 1) * sizeof (LUID_AND_ATTRIBUTES); PTOKEN_PRIVILEGES privs = (PTOKEN_PRIVILEGES) malloc (size); if (!privs) { @@ -609,15 +613,14 @@ get_system_priv_list (cygsidlist &grp_list, size_t &size) return NULL; } privs->PrivilegeCount = 0; - - for (DWORD i = 0; i < SYSTEM_PRIVILEGES_COUNT; ++i) - if ((priv = privilege_luid (sys_privs[i]))) - { - privs->Privileges[privs->PrivilegeCount].Luid = *priv; - privs->Privileges[privs->PrivilegeCount].Attributes = - SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT; - ++privs->PrivilegeCount; - } + for (ULONG i = 0; i <= max_idx; ++i) + { + privs->Privileges[privs->PrivilegeCount].Luid.HighPart = 0L; + privs->Privileges[privs->PrivilegeCount].Luid.LowPart = sys_privs[i]; + privs->Privileges[privs->PrivilegeCount].Attributes = + SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT; + ++privs->PrivilegeCount; + } return privs; } @@ -632,7 +635,7 @@ get_priv_list (LSA_HANDLE lsa, cygsid &usersid, cygsidlist &grp_list, char buf[INTERNET_MAX_HOST_NAME_LENGTH + 1]; if (usersid == well_known_system_sid) - return get_system_priv_list (grp_list, size); + return get_system_priv_list (size); for (int grp = -1; grp < grp_list.count (); ++grp) { @@ -648,13 +651,13 @@ get_priv_list (LSA_HANDLE lsa, cygsid &usersid, cygsidlist &grp_list, continue; for (ULONG i = 0; i < cnt; ++i) { - const LUID *priv; + LUID priv; PTOKEN_PRIVILEGES tmp; DWORD tmp_count; sys_wcstombs (buf, sizeof (buf), privstrs[i].Buffer, privstrs[i].Length / 2); - if (!(priv = privilege_luid_by_name (buf))) + if (!privilege_luid (buf, &priv)) continue; if (privs) @@ -662,8 +665,8 @@ get_priv_list (LSA_HANDLE lsa, cygsid &usersid, cygsidlist &grp_list, DWORD pcnt = privs->PrivilegeCount; LUID_AND_ATTRIBUTES *p = privs->Privileges; for (; pcnt > 0; --pcnt, ++p) - if (priv->HighPart == p->Luid.HighPart - && priv->LowPart == p->Luid.LowPart) + if (priv.HighPart == p->Luid.HighPart + && priv.LowPart == p->Luid.LowPart) goto next_account_right; } @@ -681,7 +684,7 @@ get_priv_list (LSA_HANDLE lsa, cygsid &usersid, cygsidlist &grp_list, } tmp->PrivilegeCount = tmp_count; privs = tmp; - privs->Privileges[privs->PrivilegeCount].Luid = *priv; + privs->Privileges[privs->PrivilegeCount].Luid = priv; privs->Privileges[privs->PrivilegeCount].Attributes = SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT; ++privs->PrivilegeCount; @@ -827,7 +830,7 @@ create_token (cygsid &usersid, user_groups &new_groups, struct passwd *pw) size_t psize = 0; /* SE_CREATE_TOKEN_NAME privilege needed to call NtCreateToken. */ - push_self_privilege (SE_CREATE_TOKEN_PRIV, true); + push_self_privilege (SE_CREATE_TOKEN_PRIVILEGE, true); /* Open policy object. */ if ((lsa = open_local_policy ()) == INVALID_HANDLE_VALUE) @@ -964,7 +967,7 @@ lsaauth (cygsid &usersid, user_groups &new_groups, struct passwd *pw) HANDLE user_token = NULL; - push_self_privilege (SE_TCB_PRIV, true); + push_self_privilege (SE_TCB_PRIVILEGE, true); /* Register as logon process. */ str2lsa (name, "Cygwin"); @@ -1978,7 +1981,8 @@ check_access (security_descriptor &sd, GENERIC_MAPPING &mapping, { pset->PrivilegeCount = 1; pset->Control = 0; - pset->Privilege[0].Luid = *privilege_luid (SE_BACKUP_PRIV); + pset->Privilege[0].Luid.HighPart = 0L; + pset->Privilege[0].Luid.LowPart = SE_BACKUP_PRIVILEGE; pset->Privilege[0].Attributes = 0; if (PrivilegeCheck (tok, pset, &status) && status) granted_flags |= R_OK; @@ -1987,7 +1991,8 @@ check_access (security_descriptor &sd, GENERIC_MAPPING &mapping, { pset->PrivilegeCount = 1; pset->Control = 0; - pset->Privilege[0].Luid = *privilege_luid (SE_RESTORE_PRIV); + pset->Privilege[0].Luid.HighPart = 0L; + pset->Privilege[0].Luid.LowPart = SE_RESTORE_PRIVILEGE; pset->Privilege[0].Attributes = 0; if (PrivilegeCheck (tok, pset, &status) && status) granted_flags |= W_OK; -- cgit v1.2.3