mirror of
https://github.com/reactos/reactos.git
synced 2025-08-05 06:22:58 +00:00
Fix default DACL of the logon token.
svn path=/trunk/; revision=10067
This commit is contained in:
Eric Kohl
parent
43a041190d
commit
e32637bc50
1 changed files with 68 additions and 30 deletions
|
|
@ -1,4 +1,4 @@
|
||||||
/* $Id: logon.c,v 1.8 2004/07/10 13:12:24 ekohl Exp $
|
/* $Id: logon.c,v 1.9 2004/07/10 21:15:26 ekohl Exp $
|
||||||
*
|
*
|
||||||
* COPYRIGHT: See COPYING in the top level directory
|
* COPYRIGHT: See COPYING in the top level directory
|
||||||
* PROJECT: ReactOS system libraries
|
* PROJECT: ReactOS system libraries
|
||||||
|
|
@ -579,7 +579,8 @@ LogonUserW (LPWSTR lpszUsername,
|
||||||
PSID UserSid = NULL;
|
PSID UserSid = NULL;
|
||||||
PSID PrimaryGroupSid = NULL;
|
PSID PrimaryGroupSid = NULL;
|
||||||
PSID OwnerSid = NULL;
|
PSID OwnerSid = NULL;
|
||||||
ACL Dacl;
|
PSID LocalSystemSid;
|
||||||
|
PACL Dacl;
|
||||||
NTSTATUS Status;
|
NTSTATUS Status;
|
||||||
SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
|
SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
|
||||||
unsigned i;
|
unsigned i;
|
||||||
|
|
@ -661,25 +662,61 @@ LogonUserW (LPWSTR lpszUsername,
|
||||||
|
|
||||||
TokenOwner.Owner = OwnerSid;
|
TokenOwner.Owner = OwnerSid;
|
||||||
TokenPrimaryGroup.PrimaryGroup = PrimaryGroupSid;
|
TokenPrimaryGroup.PrimaryGroup = PrimaryGroupSid;
|
||||||
// TokenPrimaryGroup.PrimaryGroup = UserSid;
|
|
||||||
|
|
||||||
Status = RtlCreateAcl (&Dacl, sizeof(ACL), ACL_REVISION);
|
|
||||||
|
Dacl = RtlAllocateHeap(GetProcessHeap(), 0, 1024);
|
||||||
|
if (Dacl == NULL)
|
||||||
|
{
|
||||||
|
FreeGroupSids(TokenGroups);
|
||||||
|
RtlFreeSid(UserSid);
|
||||||
|
SetLastError(ERROR_OUTOFMEMORY);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
Status = RtlCreateAcl(Dacl, 1024, ACL_REVISION);
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
{
|
{
|
||||||
|
RtlFreeHeap(GetProcessHeap(), 0, Dacl);
|
||||||
FreeGroupSids(TokenGroups);
|
FreeGroupSids(TokenGroups);
|
||||||
RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
|
RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
|
||||||
RtlFreeSid(UserSid);
|
RtlFreeSid(UserSid);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
TokenDefaultDacl.DefaultDacl = &Dacl;
|
RtlAddAccessAllowedAce(Dacl,
|
||||||
|
ACL_REVISION,
|
||||||
|
GENERIC_ALL,
|
||||||
|
OwnerSid);
|
||||||
|
|
||||||
|
RtlAllocateAndInitializeSid(&SystemAuthority,
|
||||||
|
1,
|
||||||
|
SECURITY_LOCAL_SYSTEM_RID,
|
||||||
|
SECURITY_NULL_RID,
|
||||||
|
SECURITY_NULL_RID,
|
||||||
|
SECURITY_NULL_RID,
|
||||||
|
SECURITY_NULL_RID,
|
||||||
|
SECURITY_NULL_RID,
|
||||||
|
SECURITY_NULL_RID,
|
||||||
|
SECURITY_NULL_RID,
|
||||||
|
&LocalSystemSid);
|
||||||
|
|
||||||
|
/* SID: S-1-5-18 */
|
||||||
|
RtlAddAccessAllowedAce(Dacl,
|
||||||
|
ACL_REVISION,
|
||||||
|
GENERIC_ALL,
|
||||||
|
LocalSystemSid);
|
||||||
|
|
||||||
|
RtlFreeSid(LocalSystemSid);
|
||||||
|
|
||||||
|
TokenDefaultDacl.DefaultDacl = Dacl;
|
||||||
|
|
||||||
memcpy(TokenSource.SourceName,
|
memcpy(TokenSource.SourceName,
|
||||||
"**ANON**",
|
"User32 ",
|
||||||
8);
|
8);
|
||||||
Status = NtAllocateLocallyUniqueId(&TokenSource.SourceIdentifier);
|
Status = NtAllocateLocallyUniqueId(&TokenSource.SourceIdentifier);
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
{
|
{
|
||||||
|
RtlFreeHeap(GetProcessHeap(), 0, Dacl);
|
||||||
FreeGroupSids(TokenGroups);
|
FreeGroupSids(TokenGroups);
|
||||||
RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
|
RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
|
||||||
RtlFreeSid(UserSid);
|
RtlFreeSid(UserSid);
|
||||||
|
|
@ -700,6 +737,7 @@ LogonUserW (LPWSTR lpszUsername,
|
||||||
&TokenDefaultDacl,
|
&TokenDefaultDacl,
|
||||||
&TokenSource);
|
&TokenSource);
|
||||||
|
|
||||||
|
RtlFreeHeap(GetProcessHeap(), 0, Dacl);
|
||||||
FreeGroupSids(TokenGroups);
|
FreeGroupSids(TokenGroups);
|
||||||
RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
|
RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
|
||||||
RtlFreeSid(UserSid);
|
RtlFreeSid(UserSid);
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue