Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-28 18:15:11 +00:00
Code Issues Projects Releases Packages Wiki Activity

[BASESRV] Strengthen default permissions for DOS devices

Browse source 
This is linked to previous work done on DOS devices creation
in basesrv. If this DWORD is not set (or 0), DOS devices will
be created with an ACL that make the symlink readable by any
and modifiable by any.
With protection mode set, the symlink will be still readable by
any but not modifiable by anyone but the owner.

This should also affect some objects managed by session manager.

By default, on W2K3, that protection mode is set.
This commit is contained in:
Pierre Schweitzer 2019-05-15 08:32:55 +02:00
parent 6a124ef38a
commit e97b412a76
No known key found for this signature in database
GPG key ID: 7545556C3D585B0B
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
boot/bootdata/hivesys.inf
View file

@ -1442,6 +1442,7 @@ HKLM,"SYSTEM\CurrentControlSet\Control\Session Manager","GlobalFlag", 0x00010003
HKLM,"SYSTEM\CurrentControlSet\Control\Session Manager","ObjectDirectories",0x00010000, \
"\Windows", \
"\RPC Control"
HKLM,"SYSTEM\CurrentControlSet\Control\Session Manager","ProtectionMode", 0x00010003, 0x00000001
; DOS devices
HKLM,"SYSTEM\CurrentControlSet\Control\Session Manager\DOS Devices","AUX",0x00000002,"\DosDevices\COM1"