mirror of
https://github.com/reactos/reactos.git
synced 2024-11-20 06:15:26 +00:00
4d494caf61
- Overhaul SepCreateToken() and SepDuplicateToken() so that they implement the "variable information area" of the token, where immutable lists of user & groups and privileges reside, and the "dynamic information area" (allocated separately in paged pool), where mutable data such as the token's default DACL is stored. Perform the necessary adaptations in SepDeleteToken() and in NtSetInformationToken(). - Actually dereference the token's logon session, when needed, in the 'TokenSessionReference' case in NtSetInformationToken(). - Overhaul SepFindPrimaryGroupAndDefaultOwner() so that it returns the indices of candidate primary group and default owner within the token's user & groups array. This allows for fixing the 'TokenOwner' and 'TokenPrimaryGroup' cases of NtSetInformationToken(), since the owner or primary group being set *MUST* already exist in the token's user & groups array (as a by-product, memory corruptions that existed before due to the broken way of setting these properties disappear too). - Lock tokens every time operations are performed on them (NOTE: we still use a global token lock!). - Touch the ModifiedId LUID member of tokens everytime a write operation (property change, etc...) is made on them. - Fix some group attributes in the SYSTEM process token, SepCreateSystemProcessToken(). - Make the SeCreateTokenPrivilege mandatory when calling NtCreateToken(). - Update the token pool tags. - Explicitly use the Ex*ResourceLite() versions of the locking functions in the token locking macros. |
||
|---|---|---|
| .. | ||
| internal | ||
| config.h | ||
| ntoskrnl.h | ||
| resource.h | ||
| sysfuncs.h | ||
| sysfuncs64.h | ||