Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-29 02:25:17 +00:00
Code Issues Projects Releases Packages Wiki Activity
85353 commits 96 branches 276 tags 1 GiB
Commit graph

13 commits

Author SHA1 Message Date
George Bișoc
bee9b2fcc6
[LSASRV] Set up a security descriptor for the token object 
LSASS implements a default ACL inside the token structure field but it doesn't actually set a protective security descriptor for the token object itself. This happens so that the kernel gets whatever default ACLs it finds for the object which is incorrect.

SYSTEM has full and supreme control over tokens, administrators can only read the token as such. The logged in user of their own token has full access. Credits and courtesy goes to Thomas Faber for the patch.
 2022-05-06 10:09:36 +02:00
Eric Kohl
6ae7fc2b04 [LSASRV] Notify all authentication packages of a session to be deleted 2021-06-06 11:38:26 +02:00
Eric Kohl
1fbb295d4a [LSASRV][SECUR32] Fix the naming mess 
Rename Untrusted to TrustredCaller in LSA_CONNECTION_INFO and LSAP_LOGON_CONTEXT in order to clarify the meaning of the variable.
 2021-02-28 11:03:33 +01:00
Serge Gautherie
99d0a348aa
[LSASRV] LsapLogonUser(): Fix 'AuthenticatingAuthority' copypasta (#2839) 
Reported by contributor 'qarmin'.
CORE-17074
 2020-05-23 19:07:04 +02:00
Eric Kohl
a66c7d2ecc [LSA][SECUR32] Check for untrusted clients 
Calls  to LsapCallAuthenticationPackage are routed to LsaApCallPackageUntrusted instead of LsaApCallPackage for  untrusted clients.
 2019-09-17 12:58:11 +02:00
Eric Kohl
034c6fd0c5 [LSASRV] Improvements to LsapLogonUser() 
- Token handle duplication must be the last step because we cannot close the duplicated token handle if something fails.
- Call LsaApLogonTerminated(), delete the logon session and free the profile buffer if something fails.
 2019-07-30 23:10:33 +02:00
Eric Kohl
ef4ee94feb [LSASRV] LsapLogonUser: Support LsaTokenInformationNull logins. 2019-03-04 01:37:15 +01:00
Eric Kohl
fc2b4bc7ea [LSASRV] LsapLogonUser creates an impersonation token for a network logon 2018-08-27 00:19:10 +02:00
Timo Kreuzer
0f8439aa71 [DLLS] Fix 64 bit issues 2018-08-04 19:19:34 +02:00
Hermès Bélusca-Maïto
0208a4d196
[LSASRV] Add the SE_GROUP_OWNER attributes to the token owner. 2018-06-27 23:40:16 +02:00
Hermès Bélusca-Maïto
62384951c8
[LSASRV] If TokenInfo1->Privileges is NULL, which can be expected, pass a valid pointer to a valid but empty privilege structure to NtCreateToken(), as it always want a non-NULL pointer. 2018-06-27 23:40:12 +02:00
Amine Khaldi
44d57334de [LSASRV] Deduplicate SAMPR_ULONG_ARRAY. 2017-12-09 13:29:58 +01:00
Colin Finck
c2c66aff7d Git conversion: Make reactos the root directory, move rosapps, rostests, wallpapers into modules, and delete rossubsys. 2017-10-03 07:45:34 +00:00
Renamed from reactos/dll/win32/lsasrv/authpackage.c (Browse further)