Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-02-24 01:15:09 +00:00
Code Issues Projects Releases Packages Wiki Activity

Return a security descriptor that grants full access to everyone if a filesystem

Browse source 
driver does not handle IRP_MJ_QUERY_SECURITY.

svn path=/trunk/; revision=10799
This commit is contained in:
Eric Kohl 2004-09-07 11:51:13 +00:00
parent 67e0d5082e
commit 144119a87d
1 changed files with 119 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

122
reactos/ntoskrnl/io/iomgr.c
View file

@ -1,4 +1,4 @@
/* $Id: iomgr.c,v 1.50 2004/08/15 16:39:03 chorns Exp $
/* $Id: iomgr.c,v 1.51 2004/09/07 11:51:13 ekohl Exp $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
@ -131,6 +131,76 @@ IopDeleteFile(PVOID ObjectBody)
}
static NTSTATUS
IopSetDefaultSecurityDescriptor(SECURITY_INFORMATION SecurityInformation,
PSECURITY_DESCRIPTOR SecurityDescriptor,
PULONG BufferLength)
{
ULONG_PTR Current;
ULONG SidSize;
ULONG SdSize;
NTSTATUS Status;
DPRINT("IopSetDefaultSecurityDescriptor() called\n");
if (SecurityInformation == 0)
{
return STATUS_ACCESS_DENIED;
}
SidSize = RtlLengthSid(SeWorldSid);
SdSize = sizeof(SECURITY_DESCRIPTOR) + (2 * SidSize);
if (*BufferLength < SdSize)
{
*BufferLength = SdSize;
return STATUS_BUFFER_TOO_SMALL;
}
*BufferLength = SdSize;
Status = RtlCreateSecurityDescriptor(SecurityDescriptor,
SECURITY_DESCRIPTOR_REVISION);
if (!NT_SUCCESS(Status))
{
return Status;
}
SecurityDescriptor->Control |= SE_SELF_RELATIVE;
Current = (ULONG_PTR)SecurityDescriptor + sizeof(SECURITY_DESCRIPTOR);
if (SecurityInformation & OWNER_SECURITY_INFORMATION)
{
RtlCopyMemory((PVOID)Current,
SeWorldSid,
SidSize);
SecurityDescriptor->Owner = (PSID)((ULONG_PTR)Current - (ULONG_PTR)SecurityDescriptor);
Current += SidSize;
}
if (SecurityInformation & GROUP_SECURITY_INFORMATION)
{
RtlCopyMemory((PVOID)Current,
SeWorldSid,
SidSize);
SecurityDescriptor->Group = (PSID)((ULONG_PTR)Current - (ULONG_PTR)SecurityDescriptor);
Current += SidSize;
}
if (SecurityInformation & DACL_SECURITY_INFORMATION)
{
SecurityDescriptor->Control |= SE_DACL_PRESENT;
}
if (SecurityInformation & SACL_SECURITY_INFORMATION)
{
SecurityDescriptor->Control |= SE_SACL_PRESENT;
}
return STATUS_SUCCESS;
}
NTSTATUS STDCALL
IopSecurityFile(PVOID ObjectBody,
SECURITY_OPERATION_CODE OperationCode,
@ -138,8 +208,16 @@ IopSecurityFile(PVOID ObjectBody,
PSECURITY_DESCRIPTOR SecurityDescriptor,
PULONG BufferLength)
{
IO_STATUS_BLOCK IoStatusBlock;
PIO_STACK_LOCATION StackPtr;
PFILE_OBJECT FileObject;
PIRP Irp;
NTSTATUS Status;
DPRINT("IopSecurityFile() called\n");
FileObject = (PFILE_OBJECT)ObjectBody;
switch (OperationCode)
{
case SetSecurityDescriptor:
@ -147,8 +225,46 @@ IopSecurityFile(PVOID ObjectBody,
return STATUS_SUCCESS;
case QuerySecurityDescriptor:
DPRINT("Query security descriptor\n");
return STATUS_UNSUCCESSFUL;
KeResetEvent(&FileObject->Event);
Irp = IoBuildSynchronousFsdRequest(IRP_MJ_QUERY_SECURITY,
FileObject->DeviceObject,
NULL,
0,
NULL,
&FileObject->Event,
&IoStatusBlock);
Irp->UserBuffer = SecurityDescriptor;
StackPtr = IoGetNextIrpStackLocation(Irp);
StackPtr->FileObject = FileObject;
StackPtr->Parameters.QuerySecurity.SecurityInformation = SecurityInformation;
StackPtr->Parameters.QuerySecurity.Length = *BufferLength;
Status = IoCallDriver(FileObject->DeviceObject, Irp);
if (Status == STATUS_PENDING)
{
KeWaitForSingleObject(&FileObject->Event,
Executive,
KernelMode,
FALSE,
NULL);
Status = IoStatusBlock.Status;
}
if (Status == STATUS_BUFFER_TOO_SMALL)
{
/* FIXME: retrieve BufferLength */
*BufferLength = 0;
}
else if (Status == STATUS_INVALID_DEVICE_REQUEST)
{
Status = IopSetDefaultSecurityDescriptor(SecurityInformation,
SecurityDescriptor,
BufferLength);
}
return Status;
case DeleteSecurityDescriptor:
DPRINT("Delete security descriptor\n");