
cygwin.com/git/newlib-cygwin.git - Unnamed repository; edit this file 'description' to name the repository.
authorCorinna Vinschen <corinna@vinschen.de>2007-03-29 20:37:36 +0400
committerCorinna Vinschen <corinna@vinschen.de>2007-03-29 20:37:36 +0400
commite6fbf13e48971335504fc66e385a168bbca41343 (patch)
tree956a1b1d710370e25fc002df74d1415acf5c1a42 /winsup/cygwin/sec_helper.cc
parent519aec5d597336d58443628a2618d87620a4e2cd (diff)
* cygheap.cc (cygheap_init): Fix formatting. Remove comment. Set
shared_prefix depending only on terminal service capability. * dcrt0.cc (dll_crt0_1): Don't call set_cygwin_privileges here. * fhandler_fifo.cc (fhandler_fifo::open): Create the mutex as global object. * posix_ipc.cc (ipc_mutex_init): Use cygheap->shared_prefix. (ipc_cond_init): Ditto. * sec_helper.cc (privilege_name): Make static. Use LookupPrivilegeName directly to be independent of the state of cygheap. (set_privilege): Take a LUID as parameter instead of an index value. Only print debug output in case of failure. (set_cygwin_privileges): Add comment. Use LookupPrivilegeValue to get privilege LUIDs. (init_global_security): Call set_cygwin_privileges here. * security.h (privilege_name): Drop declaration. (set_privilege): Declare according to above change. (set_process_privilege): Call privilege_luid to get LUID. (_push_thread_privilege): Ditto. * shared.cc (open_shared): Add comment. On systems supporting the SeCreateGlobalPrivilege, try to create/open global shared memory first. Fall back to local shared memory if that fails. * thread.cc (semaphore::semaphore): Use cygheap->shared_prefix. * wincap.h (wincapc::has_create_global_privilege): New element. * wincap.cc: Implement above element throughout.
Diffstat (limited to 'winsup/cygwin/sec_helper.cc')
-rw-r--r--winsup/cygwin/sec_helper.cc36
1 files changed, 25 insertions, 11 deletions
diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc
index a9f11cb6d..22809a34f 100644
--- a/winsup/cygwin/sec_helper.cc
+++ b/winsup/cygwin/sec_helper.cc
@@ -427,23 +427,22 @@ privilege_luid_by_name (const char *pname)
return NULL;
}
-const char *
-privilege_name (cygpriv_idx idx)
+static const char *
+privilege_name (const LUID *priv_luid, char *buf, DWORD *size)
{
- if (idx < 0 || idx >= SE_NUM_PRIVS)
+ if (!priv_luid || !LookupPrivilegeName (NULL, (LUID *) priv_luid, buf, size))
return "<unknown privilege>";
- return cygpriv[idx];
+ return buf;
}
int
-set_privilege (HANDLE token, cygpriv_idx privilege, bool enable)
+set_privilege (HANDLE token, const LUID *priv_luid, bool enable)
{
int ret = -1;
- const LUID *priv_luid;
TOKEN_PRIVILEGES new_priv, orig_priv;
DWORD size;
- if (!(priv_luid = privilege_luid (privilege)))
+ if (!priv_luid)
{
__seterrno ();
goto out;
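Review bot: privilege_name has no comment describing its new contract, and its result can now be either the caller's `buf` or the string literal `"<unknown privilege>"`, so a caller must treat the return value as read-only and must not assume it equals `buf`. `size` is handed straight to LookupPrivilegeName as the in/out character count, so it has to hold the capacity of `buf` on entry and is overwritten by the call; neither `buf` nor `size` is checked for NULL. I would add above the function `/* Return the name of PRIV_LUID in BUF (*SIZE = capacity of BUF in chars on entry), or a static placeholder string if PRIV_LUID is NULL or the lookup fails. */`. set_privilege begins in this hunk and its body continues outside it.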
@@ -474,16 +473,29 @@ set_privilege (HANDLE token, cygpriv_idx privilege, bool enable)
ret = (orig_priv.Privileges[0].Attributes & SE_PRIVILEGE_ENABLED) ? 1 : 0;
out:
- syscall_printf ("%d = set_privilege ((token %x) %s, %d)",
- ret, token, privilege_name (privilege), enable);
+ if (ret < 0)
+ {
+ DWORD siz = 256;
+ char buf[siz];
+ debug_printf ("%d = set_privilege ((token %x) %s, %d)",
+ ret, token, privilege_name (priv_luid, buf, &siz), enable);
+ }
return ret;
}
+/* This is called very early in process initialization. The code must
+ not depend on anything. */
void
set_cygwin_privileges (HANDLE token)
{
- set_privilege (token, SE_RESTORE_PRIV, true);
- set_privilege (token, SE_BACKUP_PRIV, true);
+ LUID priv_luid;
+
+ if (LookupPrivilegeValue (NULL, SE_RESTORE_NAME, &priv_luid))
+ set_privilege (token, &priv_luid, true);
+ if (LookupPrivilegeValue (NULL, SE_BACKUP_NAME, &priv_luid))
+ set_privilege (token, &priv_luid, true);
+ if (LookupPrivilegeValue (NULL, SE_CREATE_GLOBAL_NAME, &priv_luid))
+ set_privilege (token, &priv_luid, true);
}
/* Function to return a common SECURITY_DESCRIPTOR that
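Review bot: set_cygwin_privileges discards every result: a failed LookupPrivilegeValue is skipped without any trace and the return value of set_privilege is ignored, so after it runs nothing states which of the three privileges are actually enabled on the token. That matters because SeBackupPrivilege and SeRestorePrivilege, once enabled, let opens made with backup semantics bypass file ACL checks, and they stay enabled from this early call onward. The comment above the function should say so, e.g. `/* Best effort: each privilege is enabled only if the token holds it; failure is not fatal. */`, plus one line on why each privilege is needed. Whether a privilege the token does not hold yields `ret < 0` (and therefore a debug line) depends on the part of set_privilege outside this hunk. In the new failure block, `DWORD siz = 256; char buf[siz];` declares a variable-length array; `char buf[256]; DWORD siz = sizeof buf;` would be a fixed one.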
@@ -518,6 +530,8 @@ init_global_security ()
sec_none.lpSecurityDescriptor = sec_none_nih.lpSecurityDescriptor = NULL;
sec_all.lpSecurityDescriptor = sec_all_nih.lpSecurityDescriptor =
get_null_sd ();
+
+ set_cygwin_privileges (hProcToken);
}
bool
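Review bot: The added `set_cygwin_privileges (hProcToken);` relies on hProcToken already being a valid token handle opened with TOKEN_ADJUST_PRIVILEGES access when init_global_security runs, and nothing in this hunk shows where it is opened. The comment added on set_cygwin_privileges says it is called very early and must not depend on anything, so this ordering dependency is worth stating at the call site, for example `/* hProcToken must be open with TOKEN_ADJUST_PRIVILEGES before this point. */`. If the handle is not ready, the call presumably fails with only a debug_printf line, leaving the privileges disabled without any visible error. The start of init_global_security is outside the hunk.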