diff --git a/reactos/base/system/services/config.c b/reactos/base/system/services/config.c index 42d5f1bdc79..a5e19b98253 100644 --- a/reactos/base/system/services/config.c +++ b/reactos/base/system/services/config.c @@ -513,9 +513,8 @@ ScmWriteSecurityDescriptor( DWORD dwDisposition; DWORD dwError; - DPRINT1("ScmWriteSecurityDescriptor(%p %p)\n", hServiceKey, pSecurityDescriptor); + DPRINT("ScmWriteSecurityDescriptor(%p %p)\n", hServiceKey, pSecurityDescriptor); -DPRINT1("\n"); dwError = RegCreateKeyExW(hServiceKey, L"Security", 0, @@ -526,23 +525,16 @@ DPRINT1("\n"); &hSecurityKey, &dwDisposition); if (dwError != ERROR_SUCCESS) - { -DPRINT1("\n"); - goto done; - } + return dwError; -DPRINT1("\n"); dwError = RegSetValueExW(hSecurityKey, L"Security", 0, REG_BINARY, (LPBYTE)pSecurityDescriptor, RtlLengthSecurityDescriptor(pSecurityDescriptor)); -DPRINT1("\n"); -done: - if (hSecurityKey != NULL) - RegCloseKey(hSecurityKey); + RegCloseKey(hSecurityKey); return dwError; } @@ -559,7 +551,7 @@ ScmReadSecurityDescriptor( DWORD dwType; DWORD dwError; - DPRINT("ScmReadSecurityDescriptor()\n"); + DPRINT("ScmReadSecurityDescriptor(%p %p)\n", hServiceKey, ppSecurityDescriptor); *ppSecurityDescriptor = NULL; diff --git a/reactos/base/system/services/database.c b/reactos/base/system/services/database.c index aee2c4ec065..08d42d2d8b1 100644 --- a/reactos/base/system/services/database.c +++ b/reactos/base/system/services/database.c @@ -555,8 +555,7 @@ ScmDeleteServiceRecord(PSERVICE lpService) ScmSetServiceGroup(lpService, NULL); /* Release the SecurityDescriptor */ - if ((lpService->pSecurityDescriptor != NULL) && - (lpService->pSecurityDescriptor != pDefaultServiceSD)) + if (lpService->pSecurityDescriptor != NULL) HeapFree(GetProcessHeap(), 0, lpService->pSecurityDescriptor); /* Remove the Service from the List */ @@ -706,7 +705,9 @@ CreateServiceListEntry(LPCWSTR lpServiceName, if (lpService->pSecurityDescriptor == NULL) { DPRINT("No security descriptor found! Assign default security descriptor!\n"); - lpService->pSecurityDescriptor = pDefaultServiceSD; + dwError = ScmCreateDefaultServiceSD(&lpService->pSecurityDescriptor); + if (dwError != ERROR_SUCCESS) + goto done; dwError = ScmWriteSecurityDescriptor(hServiceKey, lpService->pSecurityDescriptor); diff --git a/reactos/base/system/services/rpcserver.c b/reactos/base/system/services/rpcserver.c index 58a3cb51618..66bc17fd747 100644 --- a/reactos/base/system/services/rpcserver.c +++ b/reactos/base/system/services/rpcserver.c @@ -2255,7 +2255,9 @@ DWORD RCreateServiceW( /* Assign the default security descriptor */ if (dwServiceType & SERVICE_WIN32) { - lpService->pSecurityDescriptor = pDefaultServiceSD; + dwError = ScmCreateDefaultServiceSD(&lpService->pSecurityDescriptor); + if (dwError != ERROR_SUCCESS) + goto done; } /* Write service data to the registry */ diff --git a/reactos/base/system/services/security.c b/reactos/base/system/services/security.c index 38811f567cc..2c971b32705 100644 --- a/reactos/base/system/services/security.c +++ b/reactos/base/system/services/security.c @@ -13,8 +13,6 @@ #define NDEBUG #include -PSECURITY_DESCRIPTOR pDefaultServiceSD = NULL; /* Self-relative SD */ - static PSID pNullSid = NULL; static PSID pLocalSystemSid = NULL; static PSID pAuthenticatedUserSid = NULL; @@ -102,11 +100,12 @@ ScmCreateSids(VOID) } -static DWORD -ScmCreateDefaultServiceSD(VOID) +ScmCreateDefaultServiceSD( + PSECURITY_DESCRIPTOR *ppSecurityDescriptor) { PSECURITY_DESCRIPTOR pServiceSD = NULL; + PSECURITY_DESCRIPTOR pRelativeSD = NULL; PACL pDacl = NULL; PACL pSacl = NULL; ULONG ulLength; @@ -234,32 +233,32 @@ ScmCreateDefaultServiceSD(VOID) DPRINT("BufferLength %lu\n", dwBufferLength); - pDefaultServiceSD = RtlAllocateHeap(RtlGetProcessHeap(), - HEAP_ZERO_MEMORY, - dwBufferLength); - if (pDefaultServiceSD == NULL) + pRelativeSD = RtlAllocateHeap(RtlGetProcessHeap(), + HEAP_ZERO_MEMORY, + dwBufferLength); + if (pRelativeSD == NULL) { dwError = ERROR_OUTOFMEMORY; goto done; } - DPRINT("pDefaultServiceSD %p\n", pDefaultServiceSD); + DPRINT("pRelativeSD %p\n", pRelativeSD); Status = RtlAbsoluteToSelfRelativeSD(pServiceSD, - pDefaultServiceSD, + pRelativeSD, &dwBufferLength); if (!NT_SUCCESS(Status)) { dwError = RtlNtStatusToDosError(Status); + goto done; } + *ppSecurityDescriptor = pRelativeSD; + done: if (dwError != ERROR_SUCCESS) { - if (pDefaultServiceSD != NULL) - { - RtlFreeHeap(RtlGetProcessHeap(), 0, pDefaultServiceSD); - pDefaultServiceSD = NULL; - } + if (pRelativeSD != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, pRelativeSD); } if (pServiceSD != NULL) @@ -284,10 +283,6 @@ ScmInitializeSecurity(VOID) if (dwError != ERROR_SUCCESS) return dwError; - dwError = ScmCreateDefaultServiceSD(); - if (dwError != ERROR_SUCCESS) - return dwError; - return ERROR_SUCCESS; } diff --git a/reactos/base/system/services/services.h b/reactos/base/system/services/services.h index 7c28a53d967..51eb4d75ddc 100644 --- a/reactos/base/system/services/services.h +++ b/reactos/base/system/services/services.h @@ -98,8 +98,6 @@ extern LIST_ENTRY ImageListHead; extern BOOL ScmInitialize; extern BOOL ScmShutdown; -extern PSECURITY_DESCRIPTOR pDefaultServiceSD; - /* FUNCTIONS ***************************************************************/ @@ -215,6 +213,10 @@ VOID ScmStartRpcServer(VOID); DWORD ScmInitializeSecurity(VOID); VOID ScmShutdownSecurity(VOID); +DWORD +ScmCreateDefaultServiceSD( + PSECURITY_DESCRIPTOR *ppSecurityDescriptor); + /* services.c */