From 09bfd96f3bdb8a190ddf51100204be19cbbc0b8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?George=20Bi=C8=99oc?= Date: Sun, 1 Oct 2023 14:01:22 +0200 Subject: [PATCH] [NTOS:SE] HACK: Temporarily add the Local group SID to the system token Temporarily add the local group to the system token so that Virtualbox GA services can properly set up network drives for shared folders. What happens is that a security descriptor has a DACL with only one ACE that grants access to Local SID (presumably coming from Vbox?) but the client token is that of the service which is a SYSTEM token. Perhaps we are not impersonating the right user or whatever else. This is only a temporary placebo, until a proper solution is found. CORE-18250 --- ntoskrnl/se/token.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ntoskrnl/se/token.c b/ntoskrnl/se/token.c index dae5a411dff..83335415669 100644 --- a/ntoskrnl/se/token.c +++ b/ntoskrnl/se/token.c @@ -1784,12 +1784,14 @@ SepCreateSystemProcessToken(VOID) { {SeAliasAdminsSid, OwnerAttributes}, {SeWorldSid, GroupAttributes}, - {SeAuthenticatedUsersSid, GroupAttributes} + {SeAuthenticatedUsersSid, GroupAttributes}, + {SeLocalSid, SE_GROUP_ENABLED} // HACK: Temporarily add the local group. See CORE-18250. }; GroupsLength = sizeof(SID_AND_ATTRIBUTES) + SeLengthSid(Groups[0].Sid) + SeLengthSid(Groups[1].Sid) + - SeLengthSid(Groups[2].Sid); + SeLengthSid(Groups[2].Sid) + + SeLengthSid(Groups[3].Sid); // HACK ASSERT(GroupsLength <= (sizeof(Groups) * sizeof(ULONG))); /* Setup the privileges */