Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-07 21:25:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
82384 commits 89 branches 274 tags 1 GiB
Commit graph

13 commits

Author SHA1 Message Date
George Bișoc bee9b2fcc6
[LSASRV] Set up a security descriptor for the token object 
LSASS implements a default ACL inside the token structure field but it doesn't actually set a protective security descriptor for the token object itself. This happens so that the kernel gets whatever default ACLs it finds for the object which is incorrect.

SYSTEM has full and supreme control over tokens, administrators can only read the token as such. The logged in user of their own token has full access. Credits and courtesy goes to Thomas Faber for the patch.
 2022-05-06 10:09:36 +02:00
Eric Kohl 6ae7fc2b04 [LSASRV] Notify all authentication packages of a session to be deleted 2021-06-06 11:38:26 +02:00
Eric Kohl 1fbb295d4a [LSASRV][SECUR32] Fix the naming mess 
Rename Untrusted to TrustredCaller in LSA_CONNECTION_INFO and LSAP_LOGON_CONTEXT in order to clarify the meaning of the variable.
 2021-02-28 11:03:33 +01:00
Serge Gautherie 99d0a348aa
[LSASRV] LsapLogonUser(): Fix 'AuthenticatingAuthority' copypasta (#2839) 
Reported by contributor 'qarmin'.
CORE-17074
 2020-05-23 19:07:04 +02:00
Eric Kohl a66c7d2ecc [LSA][SECUR32] Check for untrusted clients 
Calls  to LsapCallAuthenticationPackage are routed to LsaApCallPackageUntrusted instead of LsaApCallPackage for  untrusted clients.
 2019-09-17 12:58:11 +02:00
Eric Kohl 034c6fd0c5 [LSASRV] Improvements to LsapLogonUser() 
- Token handle duplication must be the last step because we cannot close the duplicated token handle if something fails.
- Call LsaApLogonTerminated(), delete the logon session and free the profile buffer if something fails.
 2019-07-30 23:10:33 +02:00
Eric Kohl ef4ee94feb [LSASRV] LsapLogonUser: Support LsaTokenInformationNull logins. 2019-03-04 01:37:15 +01:00
Eric Kohl fc2b4bc7ea [LSASRV] LsapLogonUser creates an impersonation token for a network logon 2018-08-27 00:19:10 +02:00
Timo Kreuzer 0f8439aa71 [DLLS] Fix 64 bit issues 2018-08-04 19:19:34 +02:00
Hermès Bélusca-Maïto 0208a4d196
[LSASRV] Add the SE_GROUP_OWNER attributes to the token owner. 2018-06-27 23:40:16 +02:00
Hermès Bélusca-Maïto 62384951c8
[LSASRV] If TokenInfo1->Privileges is NULL, which can be expected, pass a valid pointer to a valid but empty privilege structure to NtCreateToken(), as it always want a non-NULL pointer. 2018-06-27 23:40:12 +02:00
Amine Khaldi 44d57334de [LSASRV] Deduplicate SAMPR_ULONG_ARRAY. 2017-12-09 13:29:58 +01:00
Colin Finck c2c66aff7d Git conversion: Make reactos the root directory, move rosapps, rostests, wallpapers into modules, and delete rossubsys. 2017-10-03 07:45:34 +00:00
Renamed from reactos/dll/win32/lsasrv/authpackage.c (Browse further)