Alexandre Julliard
f6d871eecf
server: impersonation_level should be an int since we store -1 in it.
...
Make sure we don't check the impersonation level for primary tokens.
2008-03-26 14:38:49 +01:00
H. Verbeet
3120c0861c
server: Don't drop the SE_GROUP_LOGON_ID attribute.
2008-03-18 11:15:06 +01:00
Alexandre Julliard
8382eb01b2
server: Return correct object types in the get_directory_entry request.
2007-12-05 18:16:42 +01:00
Rob Shearman
f98556c119
server: Add the name length to the object_attributes structure so that other variable length data can be present after object_attributes.
2007-10-30 14:18:05 +01:00
Rob Shearman
e51f8490f2
server: Ignore ACEs with the INHERIT_ONLY_ACE flag set during access checks.
2007-10-26 12:46:30 +02:00
Rob Shearman
dd9e392796
server: Use the security descriptor passed in when creating events.
2007-10-25 12:47:22 +02:00
Rob Shearman
12e44bf299
server: Fix token_access_check to allow full access to security descriptors with present but NULL DACLs.
2007-10-16 13:17:22 +02:00
Rob Shearman
cb124c9b12
server: Add primitive support for setting and getting the security descriptor of files based on their Unix permissions.
2007-10-04 12:30:52 +02:00
Rob Shearman
c1707d8938
server: Add get_sd and set_sd object operations to allow the security descriptor to be stored somewhere other than server memory, such as on disk.
2007-10-04 12:30:52 +02:00
Rob Shearman
8184bcc91a
server: Add a simple mapping from Unix uids to NT SIDs.
2007-10-04 12:30:52 +02:00
Rob Shearman
45b6706a32
server: Use ACL_REVISION in create_default_dacl instead of MAX_ACL_REVISION since we don't use any features from later ACL revisions.
2007-10-03 11:16:53 +02:00
Rob Shearman
5af809abfd
server: Move set_security_object to handle.c and set_object_sd to object.c.
...
These both don't operate on tokens so token.c is not the right place for
them to be implemented.
2007-10-03 11:04:43 +02:00
Rob Shearman
3f431a0646
server: Add get_token_statistics server call and use it to implement the TokenStatistics and TokenType levels for NtQueryInformationToken.
2007-09-14 14:43:46 +02:00
Peter Dons Tychsen
ec4d8903ef
server: Added the install driver privilege to the default user.
2007-07-31 20:32:40 +02:00
Rob Shearman
bdf964dce8
server: Move most of the duplicate_token request to a new function, token_duplicate, to enable the code to be used inside wineserver.
2007-05-30 11:46:32 +02:00
Rob Shearman
fa074bc544
server: Add the logon SID to the default admin token's groups.
2007-05-18 14:11:44 +02:00
Alexandre Julliard
7e71c1ddee
server: Add an open_file() function to the object operations.
2007-03-22 11:44:29 +01:00
Alexandre Julliard
bf17ce86d4
server: Use internal luid_t type where appropriate.
2007-03-07 13:45:11 +01:00
Juan Lang
c2cb296277
ntdll: Implement NtAllocateLocallyUniqueId with server call.
2007-03-07 13:45:11 +01:00
Rob Shearman
221e01abd2
server: A general solution for handling MAXIMUM_ALLOWED access right has been implemented so remove the workarounds.
2007-03-06 22:17:39 +01:00
Rob Shearman
d342d1413c
server: Add get_token_impersonation_level server call for retrieving the impersonation level from a token.
...
Add tests for GetTokenInformation(TokenImpersonationLevel).
2007-02-21 19:49:37 +01:00
Rob Shearman
6a76a0ac7a
server: Check object's security when creating handles.
...
Don't check object's security when duplicating a handle of the same or
lower access rights. Based on a patch by Vitaliy Margolen.
2007-02-21 19:49:02 +01:00
Rob Shearman
c9b9847dce
server: Track the impersonation level of tokens.
2007-02-16 13:09:55 +01:00
Rob Shearman
df0d625351
server: Track IDs for tokens and modifications made to tokens.
2007-02-16 13:09:49 +01:00
Vitaliy Margolen
b0e9d7e0b5
ntdll/server: Implement NtSetSecurityObject. With tests.
2007-02-15 14:19:24 +01:00
Vitaliy Margolen
6413a9c193
server: Get the primary group from the token's groups.
2007-02-13 17:47:43 +01:00
Vitaliy Margolen
aa28ed0162
server: Fix typo. Should be group not owner.
2007-02-08 11:56:12 +01:00
Vitaliy Margolen
55fdda4c3e
server: Prevent a crash on error while creating a token.
2007-01-25 12:52:39 +01:00
Vitaliy Margolen
fad936c7c5
server: Reverse return value and status in token_access_check to be consistent.
2007-01-25 12:44:35 +01:00
Vitaliy Margolen
2cf11ef771
advapi32: Add few more tests for token access check and fix it on Wine.
2007-01-25 12:42:32 +01:00
Vitaliy Margolen
97b122c03f
server: User correct user sid for the default_dacl.
2007-01-22 12:02:10 +01:00
Andrew Talbot
53dae9b7f5
server: Cast-qual warnings fix.
2006-12-18 11:40:03 +01:00
Michael Stefaniuc
5cecceccb2
server: Remove redundant NULL check before free() (found by Smatch).
2006-10-10 12:56:16 +02:00
Michael Stefaniuc
a624977f21
server: Fix some comparisons between signed and unsigned.
2006-07-26 11:11:04 +02:00
Alexandre Julliard
0f273c17ff
server: Added data_size_t type to represent sizes in the server protocol.
...
Make it an unsigned int to save some space on Win64, if we need to
transfer more than 4Gb over the server pipe something is seriously
wrong.
2006-07-26 11:11:03 +02:00
Francois Gouget
11ae0f6386
Assorted spelling fixes.
2006-06-16 11:32:29 +02:00
Jonathan Ernst
360a3f9142
Update the address of the Free Software Foundation.
2006-05-23 14:11:13 +02:00
Robert Shearman
3396a66ee7
server: Retrieve the groups for a token from the server.
2006-05-15 14:25:43 +02:00
Robert Shearman
0bf1c22cad
server: Handle failure of mem_alloc in duplicate_token.
2006-04-07 13:08:33 +02:00
Robert Shearman
9e0d0563c1
server: Handle possible mem_alloc failure in create_token.
2006-04-07 13:07:54 +02:00
Robert Shearman
d18711e282
server: Store the token source.
2006-03-30 12:41:23 +02:00
Alexandre Julliard
5fb2e68bb2
server: Added access rights mapping to token objects.
2005-12-12 15:01:08 +01:00
Alexandre Julliard
28beba31d6
server: Added infrastructure for access rights mapping.
2005-12-12 14:57:40 +01:00
Alexandre Julliard
24560e70bb
server: Make alloc_handle use attributes instead of inherit flag.
2005-12-09 13:58:25 +01:00
Alexandre Julliard
836d07c369
server: Use attributes instead of inherit flag in token requests.
...
Also use the specified access rights in the open_token request.
2005-12-09 12:17:19 +01:00
Ge van Geldorp
1a1583a364
Match PSDK STATUS_* definitions.
2005-11-28 17:32:54 +01:00
Vitaliy Margolen
baffcb95d3
Add name_lookup function in object_ops.
2005-11-22 14:55:42 +00:00
Robert Shearman
91eaea53ae
- Change the default user SID to match what was previously returned by
...
NtQueryInformationToken.
- Implement TokenUser for NtQueryInformationToken.
- Add a function for getting the user's registry path from a SID.
2005-07-18 13:22:55 +00:00
Robert Shearman
fbf0ea9f18
Store the default DACL in the token.
2005-07-13 19:31:27 +00:00
Robert Shearman
4bba21643c
Add support for impersonating a token.
2005-06-20 13:18:38 +00:00
Robert Shearman
dacc3dbfa5
Fix size used to validate the sids in aces.
2005-06-14 19:15:58 +00:00
Robert Shearman
f95ef09b8e
Add TokenType attribute to specify whether the token is a primary or
...
impersonation token.
2005-06-14 18:10:04 +00:00
Robert Shearman
3795709344
Change code style of form "if( x )" to "if (x)" for consistency.
2005-06-10 19:54:46 +00:00
Alexandre Julliard
b9b1ea9c9f
Added a close_handle method to the object operations, and use it to
...
implement registry notifications and the strange behavior of
CloseHandle on winstation/desktop handles.
2005-06-09 15:39:52 +00:00
Robert Shearman
9b82644d00
- Avoid evil signed bitfields.
...
- Fix bug with using wrong revision in security_sid_alloc.
- Add all builtin groups present in the Administrator token on Windows
to the default token.
2005-06-09 09:47:28 +00:00
Robert Shearman
4ad93416a8
Implement NtAccessCheck.
2005-05-24 12:32:18 +00:00
Robert Shearman
2a782c65bd
Add user attribute to token objects.
2005-05-16 17:52:46 +00:00
Michael Stefaniuc
d40517cb18
Change the type of 1 bit wide bitfields to unsigned.
2005-05-09 09:26:28 +00:00
Mike McCormack
f92fff66a2
Implemented NtSignalAndWaitForSingleObject.
2005-04-24 17:35:52 +00:00
Robert Shearman
d2ea92d14e
- Clean up well-known privileges.
...
- Implement checking tokens for privileges in the server.
- Implement NtPrivilegeCheck.
2005-04-22 21:17:15 +00:00
Robert Shearman
b0f02b28b9
- Implement AdjustTokenPrivileges, DuplicateTokenEx and
...
GetTokenInformation (for the TokenPrivileges case).
- Return STATUS_NO_TOKEN for OpenThreadToken when there is no token
set for the thread.
2005-02-11 11:52:06 +00:00
Mike McCormack
36cd6f5dbb
Added a security token object in wineserver.
2003-07-24 00:07:00 +00:00