From 9808b5c42058aa7a0f788275df4cd73d42f25c94 Mon Sep 17 00:00:00 2001 From: Pierre Humblet Date: Thu, 16 Oct 2003 23:20:41 +0000 Subject: [PATCH] 2003-10-16 Pierre Humblet * syscalls.cc (seteuid32): Always construct a default DACL including the new sid, Admins and SYSTEM and copy it to the new thread token. * security.cc (create_token): Use a NULL default DACL in NtCreateToken. --- winsup/cygwin/security.cc | 10 +--------- winsup/cygwin/syscalls.cc | 29 +++++++++++++++-------------- 2 files changed, 16 insertions(+), 23 deletions(-) diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 9b8c6da0a..745fa0c5d 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -815,8 +815,7 @@ create_token (cygsid &usersid, user_groups &new_groups, struct passwd *pw) PTOKEN_PRIVILEGES privs = NULL; TOKEN_OWNER owner; TOKEN_PRIMARY_GROUP pgrp; - char acl_buf[MAX_DACL_LEN (5)]; - TOKEN_DEFAULT_DACL dacl; + TOKEN_DEFAULT_DACL dacl = {}; TOKEN_SOURCE source; TOKEN_STATISTICS stats; memcpy (source.SourceName, "Cygwin.1", 8); @@ -905,13 +904,6 @@ create_token (cygsid &usersid, user_groups &new_groups, struct passwd *pw) if (!(privs = get_priv_list (lsa, usersid, tmp_gsids))) goto out; - /* Create default dacl. */ - if (!sec_acl ((PACL) acl_buf, false, false, - tmp_gsids.contains (well_known_admins_sid) ? - well_known_admins_sid : usersid)) - goto out; - dacl.DefaultDacl = (PACL) acl_buf; - /* Let's be heroic... */ ret = NtCreateToken (&token, TOKEN_ALL_ACCESS, &oa, TokenImpersonation, &auth_luid, &exp, &user, new_tok_gsids, privs, &owner, diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc index 3444babcf..0940ad028 100644 --- a/winsup/cygwin/syscalls.cc +++ b/winsup/cygwin/syscalls.cc 
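Review bot: With `TOKEN_DEFAULT_DACL dacl = {};` in create_token the token leaves NtCreateToken with no default DACL at all, and the only place this patch restores one is the best-effort call in the `@@ -2204` hunk of seteuid32, which is skipped when sec_acl fails and only logs through debug_printf when SetTokenInformation fails. Under the Windows rules for new objects, a thread running with a token that has no default DACL creates objects with no DACL (full access for everyone) whenever no explicit descriptor or inheritable ACE applies, so that path fails open. I would state the contract at the declaration, e.g. `/* NULL default DACL on purpose: the caller must install one before the token is used (see seteuid32). */`, and have seteuid32 refuse to use a token from create_token when the DACL could not be set. Any other caller of create_token is outside this diff and should be checked for the same assumption; the function body also continues beyond the hunk.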
@@ -2121,6 +2121,8 @@ seteuid32 (__uid32_t uid) HANDLE ptok, new_token = INVALID_HANDLE_VALUE; struct passwd * pw_new; BOOL token_is_internal, issamesid; + char dacl_buf[MAX_DACL_LEN (5)]; + TOKEN_DEFAULT_DACL tdacl = {}; pw_new = internal_getpwuid (uid); if (!wincap.has_security () && pw_new) @@ -2161,18 +2163,13 @@ seteuid32 (__uid32_t uid) debug_printf ("Found token %d", new_token); /* Set process def dacl to allow access to impersonated token */ - if (cygheap->user.current_token != new_token) + if (sec_acl ((PACL) dacl_buf, true, true, usersid)) { - char dacl_buf[MAX_DACL_LEN (5)]; - if (sec_acl ((PACL) dacl_buf, true, false, usersid)) - { - TOKEN_DEFAULT_DACL tdacl; - tdacl.DefaultDacl = (PACL) dacl_buf; - if (!SetTokenInformation (ptok, TokenDefaultDacl, - &tdacl, sizeof dacl_buf)) - debug_printf ("SetTokenInformation" - "(TokenDefaultDacl): %E"); - } + tdacl.DefaultDacl = (PACL) dacl_buf; + if (!SetTokenInformation (ptok, TokenDefaultDacl, + &tdacl, sizeof dacl_buf)) + debug_printf ("SetTokenInformation" + "(TokenDefaultDacl): %E"); } /* If no impersonation token is available, try to @@ -2193,7 +2190,7 @@ seteuid32 (__uid32_t uid) CloseHandle (cygheap->user.internal_token); cygheap->user.internal_token = new_token; } - else if (new_token != ptok) + if (new_token != ptok) { /* Avoid having HKCU use default user */ load_registry_hive (usersid); 
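Review bot: In the `@@ -2161` hunk the process-token call passes `sizeof dacl_buf` as the length of a `TOKEN_DEFAULT_DACL`, while the new call on `new_token` later in this patch passes `sizeof (tdacl)`; the length describes the structure, not the ACL buffer, so the first call should end `&tdacl, sizeof (tdacl)))` as well. The `if (sec_acl (...))` also has no else branch, so a failure to build the ACL leaves `tdacl.DefaultDacl` NULL without any trace in the debug output; a line such as `debug_printf ("sec_acl failed, default DACL not set");` would make the skipped DACL visible. seteuid32 starts and ends outside this hunk.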
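Review bot: Changing `else if (new_token != ptok)` to a plain `if` in the `@@ -2193` hunk makes the registry-hive load and the SetTokenInformation calls run for a freshly created internal token too, and nothing in the code says why. A comment such as `/* Also runs for internal tokens: create_token no longer sets a default DACL. */` above the `if` would record why the branches were merged. The lines that obtain `new_token` are outside the hunk, so it is worth confirming that it can never still be `INVALID_HANDLE_VALUE` when this test is reached.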
@@ -2204,11 +2201,15 @@ seteuid32 (__uid32_t uid) debug_printf ("SetTokenInformation(user.token, " "TokenOwner): %E"); /* Try setting primary group in token to current group */ - if (!SetTokenInformation (new_token, - TokenPrimaryGroup, + if (!SetTokenInformation (new_token, TokenPrimaryGroup, &groups.pgsid, sizeof (cygsid))) debug_printf ("SetTokenInformation(user.token, " "TokenPrimaryGroup): %E"); + /* Try setting default DACL */ + if (tdacl.DefaultDacl + && !SetTokenInformation (new_token, TokenDefaultDacl, + &tdacl, sizeof (tdacl))) + debug_printf ("SetTokenInformation (TokenDefaultDacl): %E"); } CloseHandle (ptok); -- 2.43.5
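Review bot: The new message `"SetTokenInformation (TokenDefaultDacl): %E"` differs only by one space from the text logged for the process token earlier in seteuid32, so a debug log cannot show which token was left with its old or missing default DACL. Following the two neighbouring calls, `debug_printf ("SetTokenInformation(user.token, " "TokenDefaultDacl): %E");` would tell the two failures apart. The enclosing block continues outside the hunk.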