Hans Leidekker
14191f2dd0
server: Dump token details.
...
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-05-02 16:05:30 +02:00
Alexandre Julliard
6b758dd1dc
server: Add a macro to define SIDs.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-02-07 19:38:29 +01:00
Alistair Leslie-Hughes
4bbbc261d1
ntdll: Support TokenLogonSid in NtQueryInformationToken.
...
Based on a patch by Andrew Wesie.
Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-02-07 19:38:29 +01:00
Michael Müller
a78d419420
server: Assign a default label to all tokens.
...
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-19 09:50:32 +02:00
Michael Müller
7c08e787b1
server: Implement setting a security descriptor when duplicating tokens.
...
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 11:12:24 +02:00
Michael Müller
af2d01c2fa
server: Implement changing the label of a security descriptor.
...
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 11:08:59 +02:00
Michael Müller
2ebe679638
server: Implement querying the security label of a security descriptor.
...
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 10:50:54 +02:00
Sebastian Lackner
0e42bce0b6
server: Fix handling of MAXIMUM_ALLOWED in token_access_check.
...
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-02-03 19:05:10 +01:00
André Hentschel
6b85b31b00
server: Remove dead assignment (clang).
...
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-01-31 08:52:09 +01:00
Alexandre Julliard
f55db7882d
server: Add link_name and unlink_name object operations.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-02-04 21:07:19 +09:00
Alexandre Julliard
9504e2addf
server: Add a helper function to validate and return object attributes.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-01-16 00:05:57 +09:00
Sebastian Lackner
25b0a4981b
server: Fix assignment of primary_group in token_duplicate.
...
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2015-12-21 18:17:03 +01:00
Hans Leidekker
e0206d9f8a
server: Make returning used privileges optional in token_access_check.
2015-07-17 20:19:36 +09:00
Hans Leidekker
aa407a2818
server: Accept mandatory label ACEs.
2015-04-17 14:53:18 +09:00
Hans Leidekker
7dfdcf3034
server: The token user SID must be present in the default DACL.
2013-07-30 14:43:34 +02:00
Erich Hoover
04cd764d76
server: Report a default DACL for registry keys.
2013-04-23 17:20:11 +02:00
Erich Hoover
56c1a8b062
server: Report administrator ownership by default for registry objects.
2013-04-11 13:15:58 +02:00
Alexandre Julliard
62beef5a72
server: Add a helper function to compute an SID length.
2013-04-11 13:00:06 +02:00
Michael Stefaniuc
794ad90982
server: Avoid TRUE:FALSE conditional expressions.
2012-08-13 11:50:16 +02:00
Nikolay Sivov
573db9ef63
ntdll: While requesting TokenGroups calculate required user buffer size in server.
2011-08-23 16:53:54 +02:00
Nikolay Sivov
7381858e98
include: Fix definition name.
2011-08-03 14:15:48 +02:00
Hans Leidekker
c65bcce589
server: Map the Unix user id to a local user SID instead of the interactive SID.
2011-03-02 12:50:59 +01:00
Ben Peddell
b419df1de4
server: Include user groups in file mode calculation when user is file owner.
2009-12-11 17:47:30 +01:00
Rob Shearman
bd56916f90
server: Extend get_token_user server call to also retrieve SIDs for the token's owner or primary group.
2009-11-17 15:14:54 +01:00
Hans Leidekker
24af6f3e01
server: Add requests to set and retrieve default dacl.
2009-04-21 15:40:26 +02:00
Alexandre Julliard
f6d871eecf
server: impersonation_level should be an int since we store -1 in it.
...
Make sure we don't check the impersonation level for primary tokens.
2008-03-26 14:38:49 +01:00
H. Verbeet
3120c0861c
server: Don't drop the SE_GROUP_LOGON_ID attribute.
2008-03-18 11:15:06 +01:00
Alexandre Julliard
8382eb01b2
server: Return correct object types in the get_directory_entry request.
2007-12-05 18:16:42 +01:00
Rob Shearman
f98556c119
server: Add the name length to the object_attributes structure so that other variable length data can be present after object_attributes.
2007-10-30 14:18:05 +01:00
Rob Shearman
e51f8490f2
server: Ignore ACEs with the INHERIT_ONLY_ACE flag set during access checks.
2007-10-26 12:46:30 +02:00
Rob Shearman
dd9e392796
server: Use the security descriptor passed in when creating events.
2007-10-25 12:47:22 +02:00
Rob Shearman
12e44bf299
server: Fix token_access_check to allow full access to security descriptors with present but NULL DACLs.
2007-10-16 13:17:22 +02:00
Rob Shearman
cb124c9b12
server: Add primitive support for setting and getting the security descriptor of files based on their Unix permissions.
2007-10-04 12:30:52 +02:00
Rob Shearman
c1707d8938
server: Add get_sd and set_sd object operations to allow the security descriptor to be stored somewhere other than server memory, such as on disk.
2007-10-04 12:30:52 +02:00
Rob Shearman
8184bcc91a
server: Add a simple mapping from Unix uids to NT SIDs.
2007-10-04 12:30:52 +02:00
Rob Shearman
45b6706a32
server: Use ACL_REVISION in create_default_dacl instead of MAX_ACL_REVISION since we don't use any features from later ACL revisions.
2007-10-03 11:16:53 +02:00
Rob Shearman
5af809abfd
server: Move set_security_object to handle.c and set_object_sd to object.c.
...
These both don't operate on tokens so token.c is not the right place for
them to be implemented.
2007-10-03 11:04:43 +02:00
Rob Shearman
3f431a0646
server: Add get_token_statistics server call and use it to implement the TokenStatistics and TokenType levels for NtQueryInformationToken.
2007-09-14 14:43:46 +02:00
Peter Dons Tychsen
ec4d8903ef
server: Added the install driver privilege to the default user.
2007-07-31 20:32:40 +02:00
Rob Shearman
bdf964dce8
server: Move most of the duplicate_token request to a new function, token_duplicate, to enable the code to be used inside wineserver.
2007-05-30 11:46:32 +02:00
Rob Shearman
fa074bc544
server: Add the logon SID to the default admin token's groups.
2007-05-18 14:11:44 +02:00
Alexandre Julliard
7e71c1ddee
server: Add an open_file() function to the object operations.
2007-03-22 11:44:29 +01:00
Alexandre Julliard
bf17ce86d4
server: Use internal luid_t type where appropriate.
2007-03-07 13:45:11 +01:00
Juan Lang
c2cb296277
ntdll: Implement NtAllocateLocallyUniqueId with server call.
2007-03-07 13:45:11 +01:00
Rob Shearman
221e01abd2
server: A general solution for handling MAXIMUM_ALLOWED access right has been implemented so remove the workarounds.
2007-03-06 22:17:39 +01:00
Rob Shearman
d342d1413c
server: Add get_token_impersonation_level server call for retrieving the impersonation level from a token.
...
Add tests for GetTokenInformation(TokenImpersonationLevel).
2007-02-21 19:49:37 +01:00
Rob Shearman
6a76a0ac7a
server: Check object's security when creating handles.
...
Don't check object's security when duplicating a handle of the same or
lower access rights. Based on a patch by Vitaliy Margolen.
2007-02-21 19:49:02 +01:00
Rob Shearman
c9b9847dce
server: Track the impersonation level of tokens.
2007-02-16 13:09:55 +01:00
Rob Shearman
df0d625351
server: Track IDs for tokens and modifications made to tokens.
2007-02-16 13:09:49 +01:00
Vitaliy Margolen
b0e9d7e0b5
ntdll/server: Implement NtSetSecurityObject. With tests.
2007-02-15 14:19:24 +01:00