Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-05 02:05:50 +00:00
Code Issues Projects Releases Packages Wiki Activity

Create a security descriptor for the desktops rather than passing the ACLs in as a security descriptor

Browse source 
svn path=/trunk/; revision=50397
This commit is contained in:
Thomas Bluemel 2011-01-16 02:51:58 +00:00
parent 8f2b4ea5e1
commit 44f8ef985c
1 changed files with 36 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

38
reactos/base/system/winlogon/wlx.c
View file

@ -961,7 +961,9 @@ CreateWindowStationAndDesktops(
DWORD SidSize, AclSize; DWORD SidSize, AclSize;
PACL pDefaultAcl = NULL; PACL pDefaultAcl = NULL;
PACL pUserDesktopAcl = NULL; PACL pUserDesktopAcl = NULL;
SECURITY_DESCRIPTOR DefaultSecurityDescriptor;
SECURITY_ATTRIBUTES DefaultSecurity; SECURITY_ATTRIBUTES DefaultSecurity;
SECURITY_DESCRIPTOR UserDesktopSecurityDescriptor;
SECURITY_ATTRIBUTES UserDesktopSecurity; SECURITY_ATTRIBUTES UserDesktopSecurity;
BOOL ret = FALSE; BOOL ret = FALSE;
@ -1008,8 +1010,24 @@ CreateWindowStationAndDesktops(
ERR("WL: AddAccessAllowedAce() failed (error %lu)\n", GetLastError()); ERR("WL: AddAccessAllowedAce() failed (error %lu)\n", GetLastError());
goto cleanup; goto cleanup;
} }
/*
* Create the default security descriptor
*/
if (!InitializeSecurityDescriptor(&DefaultSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION))
{
ERR("WL: InitializeSecurityDescriptor() failed (error %lu)\n", GetLastError());
goto cleanup;
}
if (!SetSecurityDescriptorDacl(&DefaultSecurityDescriptor, TRUE, pDefaultAcl, FALSE))
{
ERR("WL: SetSecurityDescriptorDacl() failed (error %lu)\n", GetLastError());
goto cleanup;
}
DefaultSecurity.nLength = sizeof(SECURITY_ATTRIBUTES); DefaultSecurity.nLength = sizeof(SECURITY_ATTRIBUTES);
DefaultSecurity.lpSecurityDescriptor = pDefaultAcl; DefaultSecurity.lpSecurityDescriptor = &DefaultSecurityDescriptor;
DefaultSecurity.bInheritHandle = TRUE; DefaultSecurity.bInheritHandle = TRUE;
/* /*
@ -1021,8 +1039,24 @@ CreateWindowStationAndDesktops(
ERR("WL: AddAccessAllowedAce() failed (error %lu)\n", GetLastError()); ERR("WL: AddAccessAllowedAce() failed (error %lu)\n", GetLastError());
goto cleanup; goto cleanup;
} }
/*
* Create the user desktop security descriptor
*/
if (!InitializeSecurityDescriptor(&UserDesktopSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION))
{
ERR("WL: InitializeSecurityDescriptor() failed (error %lu)\n", GetLastError());
goto cleanup;
}
if (!SetSecurityDescriptorDacl(&UserDesktopSecurityDescriptor, TRUE, pUserDesktopAcl, FALSE))
{
ERR("WL: SetSecurityDescriptorDacl() failed (error %lu)\n", GetLastError());
goto cleanup;
}
UserDesktopSecurity.nLength = sizeof(SECURITY_ATTRIBUTES); UserDesktopSecurity.nLength = sizeof(SECURITY_ATTRIBUTES);
UserDesktopSecurity.lpSecurityDescriptor = pUserDesktopAcl; UserDesktopSecurity.lpSecurityDescriptor = &UserDesktopSecurityDescriptor;
UserDesktopSecurity.bInheritHandle = TRUE; UserDesktopSecurity.bInheritHandle = TRUE;
/* /*