From 57ff940dd40a53ec03e5f2b079239b41bd9c2859 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Mon, 30 Apr 2001 21:19:42 +0000 Subject: * autoload.cc: Add LoadDLLinitfunc for secur32.dll. Add LoadDLLfuncEx statements for AllocateLocallyUniqueId@4, DuplicateTokenEx@24, LsaNtStatusToWinError@4, LsaDeregisterLogonProcess@4, LsaFreeReturnBuffer@4, LsaLogonUser@56, LsaLookupAuthenticationPackage@12, LsaRegisterLogonProcess@12, * environ.cc: Add extern declaration for `subauth_id'. (subauth_id_init): New function for setting `subauth_id'. (struct parse_thing): Add entry for `subauth_id'. * fork.cc (fork_parent): Call `RevertToSelf' and `ImpersonateLoggedOnUser' instead of `seteuid'. * security.cc: Define global variable `subauth_id'. (extract_nt_dom_user): New function. (cygwin_logon_user): Call `extract_nt_dom_user' now. (str2lsa): New static function. (str2buf2lsa): Ditto. (str2buf2uni): Ditto. (subauth): Ditto. * security.h: Add prototype for `subauth'. * spawn.cc (spawn_guts): Use cygheap->user.token only if impersonated. Use `cygsid' type. Remove impersonation before allowing access to workstation/desktop to everyone. Call `RevertToSelf' and `ImpersonateLoggedOnUser' instead of `seteuid'. * syscalls.cc (seteuid): Rearranged to allow using subauthentication to retrieve user tokens when needed. --- winsup/cygwin/spawn.cc | 52 ++++++++++++++++++++++++-------------------------- 1 file changed, 25 insertions(+), 27 deletions(-) (limited to 'winsup/cygwin/spawn.cc') diff --git a/winsup/cygwin/spawn.cc b/winsup/cygwin/spawn.cc index 5ac823c8d..f67fa626a 100644 --- a/winsup/cygwin/spawn.cc +++ b/winsup/cygwin/spawn.cc @@ -578,7 +578,8 @@ skip_arg_parsing: /* Preallocated buffer for `sec_user' call */ char sa_buf[1024]; - if (!hToken && cygheap->user.token != INVALID_HANDLE_VALUE) + if (!hToken && cygheap->user.impersonated + && cygheap->user.token != INVALID_HANDLE_VALUE) hToken = cygheap->user.token; const char *runpath = null_app_name ? NULL : (const char *) real_path; @@ -607,6 +608,28 @@ skip_arg_parsing: } else { + cygsid sid; + DWORD ret_len; + if (!GetTokenInformation (hToken, TokenUser, &sid, sizeof sid, &ret_len)) + { + sid = NULL; + system_printf ("GetTokenInformation: %E"); + } + + /* Retrieve security attributes before setting psid to NULL + since it's value is needed by `sec_user'. */ + PSECURITY_ATTRIBUTES sec_attribs = allow_ntsec && sid + ? sec_user (sa_buf, sid) + : &sec_all_nih; + + /* Remove impersonation */ + if (cygheap->user.impersonated + && cygheap->user.token != INVALID_HANDLE_VALUE) + RevertToSelf (); + + /* Load users registry hive. */ + load_registry_hive (sid); + /* allow the child to interact with our window station/desktop */ HANDLE hwst, hdsk; SECURITY_INFORMATION dsi = DACL_SECURITY_INFORMATION; @@ -625,31 +648,6 @@ skip_arg_parsing: strcat (wstname, dskname); si.lpDesktop = wstname; - char tu[1024]; - PSID sid = NULL; - DWORD ret_len; - if (GetTokenInformation (hToken, TokenUser, - (LPVOID) &tu, sizeof tu, - &ret_len)) - sid = ((TOKEN_USER *) &tu)->User.Sid; - else - system_printf ("GetTokenInformation: %E"); - - /* Retrieve security attributes before setting psid to NULL - since it's value is needed by `sec_user'. */ - PSECURITY_ATTRIBUTES sec_attribs = allow_ntsec && sid - ? sec_user (sa_buf, sid) - : &sec_all_nih; - - /* Remove impersonation */ - uid_t uid = geteuid (); - if (cygheap->user.impersonated - && cygheap->user.token != INVALID_HANDLE_VALUE) - seteuid (cygheap->user.orig_uid); - - /* Load users registry hive. */ - load_registry_hive (sid); - rc = CreateProcessAsUser (hToken, runpath, /* image name - with full path */ one_line.buf, /* what was passed to exec */ @@ -666,7 +664,7 @@ skip_arg_parsing: if (mode != _P_OVERLAY && mode != _P_VFORK && cygheap->user.impersonated && cygheap->user.token != INVALID_HANDLE_VALUE) - seteuid (uid); + ImpersonateLoggedOnUser (cygheap->user.token); } MALLOC_CHECK; -- cgit v1.2.3