ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

server: Set the security descriptor at object creation.time. 

Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Alexandre Julliard 2016-02-12 22:57:33 +09:00
parent 10a38ef056
commit 3ea7f7d2f4
15 changed files with 50 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
server/completion.c
View File

@ -136,15 +136,12 @@ static struct completion *create_completion( struct object *root, const struct u
{
struct completion *completion;
if ((completion = create_named_object( root, &completion_ops, name, attr )))
if ((completion = create_named_object( root, &completion_ops, name, attr, sd )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{
list_init( &completion->queue );
completion->depth = 0;
if (sd) default_set_sd( &completion->obj, sd,
OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION );
}
}

4
server/device.c
View File

@ -604,7 +604,7 @@ static struct device *create_device( struct object *root, const struct unicode_s
{
struct device *device;
if ((device = create_named_object( root, &device_ops, name, attr )))
if ((device = create_named_object( root, &device_ops, name, attr, NULL )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{
@ -623,7 +623,7 @@ struct device *create_unix_device( struct object *root, const struct unicode_str
{
struct device *device;
if ((device = create_named_object( root, &device_ops, name, 0 )))
if ((device = create_named_object( root, &device_ops, name, 0, NULL )))
{
device->unix_path = strdup( unix_path );
device->manager = NULL; /* no manager, requests go straight to the Unix device */

6
server/directory.c
View File

@ -204,7 +204,7 @@ static struct directory *create_directory( struct object *root, const struct uni
{
struct directory *dir;
if ((dir = create_named_object( root, &directory_ops, name, attr )) &&
if ((dir = create_named_object( root, &directory_ops, name, attr, sd )) &&
get_error() != STATUS_OBJECT_NAME_EXISTS)
{
if (!(dir->entries = create_namespace( hash_size )))
@ -212,8 +212,6 @@ static struct directory *create_directory( struct object *root, const struct uni
release_object( dir );
return NULL;
}
if (sd) default_set_sd( &dir->obj, sd, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION );
}
return dir;
}
@ -234,7 +232,7 @@ struct object_type *get_object_type( const struct unicode_str *name )
{
struct object_type *type;
if ((type = create_named_object( &dir_objtype->obj, &object_type_ops, name, OBJ_OPENIF )))
if ((type = create_named_object( &dir_objtype->obj, &object_type_ops, name, OBJ_OPENIF, NULL )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{

12
server/event.c
View File

@ -112,17 +112,13 @@ struct event *create_event( struct object *root, const struct unicode_str *name,
{
struct event *event;
if ((event = create_named_object( root, &event_ops, name, attr )))
if ((event = create_named_object( root, &event_ops, name, attr, sd )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{
/* initialize it if it didn't already exist */
event->manual_reset = manual_reset;
event->signaled = initial_state;
if (sd) default_set_sd( &event->obj, sd, OWNER_SECURITY_INFORMATION|
GROUP_SECURITY_INFORMATION|
DACL_SECURITY_INFORMATION|
SACL_SECURITY_INFORMATION );
}
}
return event;
@ -211,15 +207,11 @@ struct keyed_event *create_keyed_event( struct object *root, const struct unicod
{
struct keyed_event *event;
if ((event = create_named_object( root, &keyed_event_ops, name, attr )))
if ((event = create_named_object( root, &keyed_event_ops, name, attr, sd )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{
/* initialize it if it didn't already exist */
if (sd) default_set_sd( &event->obj, sd, OWNER_SECURITY_INFORMATION|
GROUP_SECURITY_INFORMATION|
DACL_SECURITY_INFORMATION|
SACL_SECURITY_INFORMATION );
}
}
return event;

6
server/mailslot.c
View File

@ -401,7 +401,7 @@ void create_mailslot_device( struct object *root, const struct unicode_str *name
{
struct mailslot_device *dev;
if ((dev = create_named_object( root, &mailslot_device_ops, name, 0 )) &&
if ((dev = create_named_object( root, &mailslot_device_ops, name, 0, NULL )) &&
get_error() != STATUS_OBJECT_NAME_EXISTS)
{
dev->mailslots = NULL;
@ -423,15 +423,13 @@ static struct mailslot *create_mailslot( struct object *root,
struct mailslot *mailslot;
int fds[2];
if (!(mailslot = create_named_object( root, &mailslot_ops, name, attr ))) return NULL;
if (!(mailslot = create_named_object( root, &mailslot_ops, name, attr, sd ))) return NULL;
mailslot->fd = NULL;
mailslot->write_fd = -1;
mailslot->max_msgsize = max_msgsize;
mailslot->read_timeout = read_timeout;
list_init( &mailslot->writers );
if (sd) default_set_sd( &mailslot->obj, sd, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION );
if (!socketpair( PF_UNIX, SOCK_DGRAM, 0, fds ))
{

6
server/mapping.c
View File

@ -483,15 +483,11 @@ static struct object *create_mapping( struct object *root, const struct unicode_
if (!page_mask) page_mask = sysconf( _SC_PAGESIZE ) - 1;
if (!(mapping = create_named_object( root, &mapping_ops, name, attr )))
if (!(mapping = create_named_object( root, &mapping_ops, name, attr, sd )))
return NULL;
if (get_error() == STATUS_OBJECT_NAME_EXISTS)
return &mapping->obj; /* Nothing else to do */
if (sd) default_set_sd( &mapping->obj, sd, OWNER_SECURITY_INFORMATION|
GROUP_SECURITY_INFORMATION|
DACL_SECURITY_INFORMATION|
SACL_SECURITY_INFORMATION );
mapping->header_size = 0;
mapping->base = 0;
mapping->fd = NULL;

6
server/mutex.c
View File

@ -104,7 +104,7 @@ static struct mutex *create_mutex( struct object *root, const struct unicode_str
{
struct mutex *mutex;
if ((mutex = create_named_object( root, &mutex_ops, name, attr )))
if ((mutex = create_named_object( root, &mutex_ops, name, attr, sd )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{
@ -113,10 +113,6 @@ static struct mutex *create_mutex( struct object *root, const struct unicode_str
mutex->owner = NULL;
mutex->abandoned = 0;
if (owned) do_grab( mutex, current );
if (sd) default_set_sd( &mutex->obj, sd, OWNER_SECURITY_INFORMATION|
GROUP_SECURITY_INFORMATION|
DACL_SECURITY_INFORMATION|
SACL_SECURITY_INFORMATION );
}
}
return mutex;

4
server/named_pipe.c
View File

@ -504,7 +504,7 @@ void create_named_pipe_device( struct object *root, const struct unicode_str *na
{
struct named_pipe_device *dev;
if ((dev = create_named_object( root, &named_pipe_device_ops, name, 0 )) &&
if ((dev = create_named_object( root, &named_pipe_device_ops, name, 0, NULL )) &&
get_error() != STATUS_OBJECT_NAME_EXISTS)
{
dev->pipes = NULL;
@ -915,7 +915,7 @@ DECL_HANDLER(create_named_pipe)
if (!(root = get_directory_obj( current->process, objattr->rootdir ))) return;
}
pipe = create_named_object( root, &named_pipe_ops, &name, objattr->attributes | OBJ_OPENIF );
pipe = create_named_object( root, &named_pipe_ops, &name, objattr->attributes | OBJ_OPENIF, NULL );
if (root) release_object( root );
if (!pipe) return;

46
server/object.c
View File

@ -262,38 +262,50 @@ struct object *lookup_named_object( struct object *root, const struct unicode_st
return parent;
}
void *create_object( struct object *parent, const struct object_ops *ops, const struct unicode_str *name )
static struct object *create_object( struct object *parent, const struct object_ops *ops,
const struct unicode_str *name, const struct security_descriptor *sd )
{
struct object *obj;
struct object_name *name_ptr;
if (!(name_ptr = alloc_name( name ))) return NULL;
if ((obj = alloc_object( ops )))
{
if (!obj->ops->link_name( obj, name_ptr, parent ))
{
free_object( obj );
free( name_ptr );
return NULL;
}
name_ptr->obj = obj;
obj->name = name_ptr;
}
else
free( name_ptr );
if (!(obj = alloc_object( ops ))) goto failed;
if (sd && !default_set_sd( obj, sd, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION ))
goto failed;
if (!obj->ops->link_name( obj, name_ptr, parent )) goto failed;
name_ptr->obj = obj;
obj->name = name_ptr;
return obj;
failed:
if (obj) free_object( obj );
free( name_ptr );
return NULL;
}
/* create an object as named child under the specified parent */
void *create_named_object( struct object *parent, const struct object_ops *ops,
const struct unicode_str *name, unsigned int attributes )
const struct unicode_str *name, unsigned int attributes,
const struct security_descriptor *sd )
{
struct object *obj, *new_obj;
struct unicode_str new_name;
clear_error();
if (!name || !name->len) return alloc_object( ops );
if (!name || !name->len)
{
if (!(new_obj = alloc_object( ops ))) return NULL;
if (sd && !default_set_sd( new_obj, sd, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION ))
{
free_object( new_obj );
return NULL;
}
return new_obj;
}
if (!(obj = lookup_named_object( parent, name, attributes, &new_name ))) return NULL;
@ -313,7 +325,7 @@ void *create_named_object( struct object *parent, const struct object_ops *ops,
return obj;
}
new_obj = create_object( obj, ops, &new_name );
new_obj = create_object( obj, ops, &new_name, sd );
release_object( obj );
return new_obj;
}

5
server/object.h
View File

@ -133,10 +133,9 @@ extern WCHAR *get_object_full_name( struct object *obj, data_size_t *ret_len );
extern void dump_object_name( struct object *obj );
extern struct object *lookup_named_object( struct object *root, const struct unicode_str *name,
unsigned int attr, struct unicode_str *name_left );
extern void *create_object( struct object *parent, const struct object_ops *ops,
const struct unicode_str *name );
extern void *create_named_object( struct object *parent, const struct object_ops *ops,
const struct unicode_str *name, unsigned int attributes );
const struct unicode_str *name, unsigned int attributes,
const struct security_descriptor *sd );
extern void *open_named_object( struct object *parent, const struct object_ops *ops,
const struct unicode_str *name, unsigned int attributes );
extern void unlink_named_object( struct object *obj );

6
server/process.c
View File

@ -186,15 +186,11 @@ static struct job *create_job_object( struct object *root, const struct unicode_
{
struct job *job;
if ((job = create_named_object( root, &job_ops, name, attr )))
if ((job = create_named_object( root, &job_ops, name, attr, sd )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{
/* initialize it if it didn't already exist */
if (sd) default_set_sd( &job->obj, sd, OWNER_SECURITY_INFORMATION |
GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION |
SACL_SECURITY_INFORMATION );
list_init( &job->process_list );
job->num_processes = 0;
job->limit_flags = 0;

6
server/semaphore.c
View File

@ -84,17 +84,13 @@ static struct semaphore *create_semaphore( struct object *root, const struct uni
set_error( STATUS_INVALID_PARAMETER );
return NULL;
}
if ((sem = create_named_object( root, &semaphore_ops, name, attr )))
if ((sem = create_named_object( root, &semaphore_ops, name, attr, sd )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{
/* initialize it if it didn't already exist */
sem->count = initial;
sem->max = max;
if (sd) default_set_sd( &sem->obj, sd, OWNER_SECURITY_INFORMATION|
GROUP_SECURITY_INFORMATION|
DACL_SECURITY_INFORMATION|
SACL_SECURITY_INFORMATION );
}
}
return sem;

6
server/symlink.c
View File

@ -144,16 +144,12 @@ struct symlink *create_symlink( struct object *root, const struct unicode_str *n
set_error( STATUS_INVALID_PARAMETER );
return NULL;
}
if ((symlink = create_named_object( root, &symlink_ops, name, attr )) &&
if ((symlink = create_named_object( root, &symlink_ops, name, attr, sd )) &&
(get_error() != STATUS_OBJECT_NAME_EXISTS))
{
if ((symlink->target = memdup( target->str, target->len )))
{
symlink->len = target->len;
if (sd)
default_set_sd( &symlink->obj, sd,
OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION );
}
else
{

5
server/timer.c
View File

@ -86,7 +86,7 @@ static struct timer *create_timer( struct object *root, const struct unicode_str
{
struct timer *timer;
if ((timer = create_named_object( root, &timer_ops, name, attr )))
if ((timer = create_named_object( root, &timer_ops, name, attr, sd )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{
@ -97,9 +97,6 @@ static struct timer *create_timer( struct object *root, const struct unicode_str
timer->period = 0;
timer->timeout = NULL;
timer->thread = NULL;
if (sd) default_set_sd( &timer->obj, sd,
OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION );
}
}
return timer;

4
server/winstation.c
View File

@ -110,7 +110,7 @@ static struct winstation *create_winstation( struct object *root, const struct u
{
struct winstation *winstation;
if ((winstation = create_named_object( root, &winstation_ops, name, attr )))
if ((winstation = create_named_object( root, &winstation_ops, name, attr, NULL )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{
@ -213,7 +213,7 @@ static struct desktop *create_desktop( const struct unicode_str *name, unsigned
{
struct desktop *desktop;
if ((desktop = create_named_object( &winstation->obj, &desktop_ops, name, attr )))
if ((desktop = create_named_object( &winstation->obj, &desktop_ops, name, attr, NULL )))
{
if (get_error() != STATUS_OBJECT_NAME_EXISTS)
{