diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2001-04-25 13:43:25 +0400 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2001-04-25 13:43:25 +0400 |
| commit | d551169a9fa38d2499840f409e0ca90992d6881a (patch) | |
| tree | 7597dd538a99f270fd0285082a090c35a6876d2c /winsup/cygwin/security.h | |
| parent | 3a6e96682d6ee6f127882eef92e3041de8aca4af (diff) | |
* autoload.cc: Add LoadDLLfunc statements for SetTokenInformation@16.
* cygheap.cc: Include security.h.
* grp.cc (internal_getgrent): New function.
(getgroups): Rearranged using `internal_getgrent' and the new
`cygsid' class.
* passwd.cc (internal_getpwent): New function.
* sec_acl.cc: Use new `cygsid' class throughout.
(acl_access): Use `internal_getgrent' instead of `getgrent'.
* sec_helper.cc: Use new `cygsid' class throughout.
(get_id_from_sid): Use `internal_getgrent' instead of `getgrent'.
Use `internal_getpwent' instead of `getpwent'.
* security.cc: Use new `cygsid' class throughout.
* security.h: Move `MAX_SID_LEN' from winsup.h to here.
Add extern declarations for `internal_getgrent' and `internal_getpwent'.
(class cygsid): New class.
* shared.cc (sec_user): Use new `cygsid' class.
* syscalls.cc (seteuid): Try to set owner to user and primary group to
current group in impersonation token before performing impersonation.
(setegid): Try to set primary group in process token to the new group
if ntsec is on.
* uinfo.cc (internal_getlogin): Use new `cygsid' class.
Try to set owner to user and primary group to current group in process
token if the process has been started from a non cygwin process.
(uinfo_init): Set primary group only if the process has been started
from a non cygwin process.
* winsup.h: Move define for `MAX_SID_LEN' to security.h.
Diffstat (limited to 'winsup/cygwin/security.h')
| -rw-r--r-- | winsup/cygwin/security.h | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index 3c1f75f49..98545b609 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -12,9 +12,46 @@ details. */ #define INHERIT_ALL (CONTAINER_INHERIT_ACE|OBJECT_INHERIT_ACE) #define INHERIT_ONLY (INHERIT_ONLY_ACE|CONTAINER_INHERIT_ACE|OBJECT_INHERIT_ACE) +#define MAX_SID_LEN 40 + +class cygsid { + PSID psid; + char sbuf[MAX_SID_LEN]; +public: + inline cygsid () : psid ((PSID) sbuf) {} + inline cygsid (PSID nsid) { *this = nsid; } + + inline PSID set () { return psid = (PSID) sbuf; } + + inline const PSID operator= (PSID nsid) + { + if (!nsid) + psid = NULL; + else + { + psid = (PSID) sbuf; + CopySid (MAX_SID_LEN, psid, nsid); + } + return psid; + } + inline BOOL operator== (PSID nsid) + { + if (!psid || !nsid) + return nsid == psid; + return EqualSid (psid, nsid); + } + inline operator const PSID () { return psid; } +}; + extern BOOL allow_ntsec; extern BOOL allow_smbntsec; +/* These both functions are needed to allow walking through the passwd + and group lists so they are somehow security related. Besides that + I didn't find a better place to declare them. */ +extern struct passwd *internal_getpwent (int); +extern struct group *internal_getgrent (int); + /* File manipulation */ int __stdcall set_process_privileges (); int __stdcall get_file_attribute (int, const char *, int *, |