Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-10-02 07:26:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixed SeSetWorldSecurityDescriptor() so it creates a security descriptor that is at least valid

Browse source 
svn path=/trunk/; revision=20851
This commit is contained in:
Thomas Bluemel 2006-01-14 14:52:50 +00:00
parent 7c8174e7ee
commit e1fd1adbfa
1 changed files with 38 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
reactos/ntoskrnl/se/sd.c
View file

@ -125,6 +125,7 @@ SeSetWorldSecurityDescriptor(SECURITY_INFORMATION SecurityInformation,
ULONG SidSize; ULONG SidSize;
ULONG SdSize; ULONG SdSize;
NTSTATUS Status; NTSTATUS Status;
PISECURITY_DESCRIPTOR_RELATIVE SdRel = (PISECURITY_DESCRIPTOR_RELATIVE)SecurityDescriptor;
DPRINT("SeSetWorldSecurityDescriptor() called\n"); DPRINT("SeSetWorldSecurityDescriptor() called\n");
@ -133,8 +134,17 @@ SeSetWorldSecurityDescriptor(SECURITY_INFORMATION SecurityInformation,
return STATUS_ACCESS_DENIED; return STATUS_ACCESS_DENIED;
} }
/* calculate the minimum size of the buffer */
SidSize = RtlLengthSid(SeWorldSid); SidSize = RtlLengthSid(SeWorldSid);
SdSize = sizeof(SECURITY_DESCRIPTOR) + (2 * SidSize); SdSize = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
if (SecurityInformation & OWNER_SECURITY_INFORMATION)
SdSize += SidSize;
if (SecurityInformation & GROUP_SECURITY_INFORMATION)
SdSize += SidSize;
if (SecurityInformation & DACL_SECURITY_INFORMATION)
{
SdSize += sizeof(ACL) + sizeof(ACE) + SidSize;
}
if (*BufferLength < SdSize) if (*BufferLength < SdSize)
{ {
@ -144,22 +154,21 @@ SeSetWorldSecurityDescriptor(SECURITY_INFORMATION SecurityInformation,
*BufferLength = SdSize; *BufferLength = SdSize;
Status = RtlCreateSecurityDescriptor(SecurityDescriptor, Status = RtlCreateSecurityDescriptorRelative(SdRel,
SECURITY_DESCRIPTOR_REVISION); SECURITY_DESCRIPTOR_REVISION);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
return Status; return Status;
} }
SecurityDescriptor->Control |= SE_SELF_RELATIVE; Current = (ULONG_PTR)(SdRel + 1);
Current = (ULONG_PTR)SecurityDescriptor + sizeof(SECURITY_DESCRIPTOR);
if (SecurityInformation & OWNER_SECURITY_INFORMATION) if (SecurityInformation & OWNER_SECURITY_INFORMATION)
{ {
RtlCopyMemory((PVOID)Current, RtlCopyMemory((PVOID)Current,
SeWorldSid, SeWorldSid,
SidSize); SidSize);
SecurityDescriptor->Owner = (PSID)((ULONG_PTR)Current - (ULONG_PTR)SecurityDescriptor); SdRel->Owner = (DWORD)((ULONG_PTR)Current - (ULONG_PTR)SdRel);
Current += SidSize; Current += SidSize;
} }
@ -168,18 +177,34 @@ SeSetWorldSecurityDescriptor(SECURITY_INFORMATION SecurityInformation,
RtlCopyMemory((PVOID)Current, RtlCopyMemory((PVOID)Current,
SeWorldSid, SeWorldSid,
SidSize); SidSize);
SecurityDescriptor->Group = (PSID)((ULONG_PTR)Current - (ULONG_PTR)SecurityDescriptor); SdRel->Group = (DWORD)((ULONG_PTR)Current - (ULONG_PTR)SdRel);
Current += SidSize; Current += SidSize;
} }
if (SecurityInformation & DACL_SECURITY_INFORMATION) if (SecurityInformation & DACL_SECURITY_INFORMATION)
{ {
SecurityDescriptor->Control |= SE_DACL_PRESENT; PACL Dacl = (PACL)Current;
SdRel->Control |= SE_DACL_PRESENT;
Status = RtlCreateAcl(Dacl,
sizeof(ACL) + sizeof(ACE) + SidSize,
ACL_REVISION);
if (!NT_SUCCESS(Status))
return Status;
Status = RtlAddAccessAllowedAce(Dacl,
ACL_REVISION,
GENERIC_ALL,
SeWorldSid);
if (!NT_SUCCESS(Status))
return Status;
SdRel->Dacl = (DWORD)((ULONG_PTR)Current - (ULONG_PTR)SdRel);
} }
if (SecurityInformation & SACL_SECURITY_INFORMATION) if (SecurityInformation & SACL_SECURITY_INFORMATION)
{ {
SecurityDescriptor->Control |= SE_SACL_PRESENT; /* FIXME - SdRel->Control |= SE_SACL_PRESENT; */
} }
return STATUS_SUCCESS; return STATUS_SUCCESS;