4fddab4813
server: The owner of a securable object should have all the standard access rights.
...
Cygwin fork() fails in NtCreateSymbolicLinkObject(). We successfully
create the link but then fail to alloc_handle() with STATUS_ACCESS_DENIED,
because the requested access rights exceed what the owner is allowed.
Allow it more.
Thank you to Dmitry Timoshkov for debugging the security details from
alloc_handle() onwards.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=48891
Signed-off-by: Damjan Jovanovic <damjan.jov@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
(cherry picked from commit 31e984a09d
2021-10-27 21:40:02 +02:00
42c03ef03f
advapi32/tests: Initialize luid in test_CreateRestrictedToken.
...
Signed-off-by: Gerald Pfeifer <gerald@pfeifer.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-11-25 21:39:19 +01:00
fa1b0fcf6c
server: Check duplicated handle access against the calling thread token and target process token.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:22:36 +02:00
d0bea3d702
server: Implement support for creating a process with a specified token.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:21:43 +02:00
d694928ec2
advapi32/tests: Add basic tests for CreateProcessAsUser().
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:18:29 +02:00
6946d78ed9
kernelbase: Implement CreateRestrictedToken().
...
Based on a patch by Michael Müller.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:58:45 +02:00
67f7d6872b
advapi32/tests: Add more tests for CreateRestrictedToken().
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:46:48 +02:00
965ebac6c1
advapi32/tests: Test which tokens DuplicateHandle() validates access against.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:46:46 +02:00
7ad5e1bc8a
kernelbase: Preserve last error when GetEnvironmentVariableA succeeds.
...
Avoid clobbering last error with NO_ERROR when GetEnvironmentVariableA
succeeds, matching the behavior of GetEnvironmentVariableW and
Windows.
Instead of naively saving and restoring the last error, call
RtlQueryEnvironmentVariable_U directly to avoid unnecessarily setting
it in the first place.
Signed-off-by: Vladimir Panteleev <git@vladimir.panteleev.md>
Signed-off-by: Gijs Vermeulen <gijsvrm@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-05-15 14:08:51 +02:00
a909baeb4e
tests: Report all errors when failing to wait for a child process.
...
Report the line number where the test failed to wait for the child so
one can identify which child process did not behave as expected.
Also wait_child_process() is meant for the general case so report
all non-crash error cases as test failures so they are accounted for.
Omit the "winetest_" prefix to match the other Wine test functions and
so the underlying winetest_wait_child_process() function can be wrapped
with the usual line-capturing macros.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=48651
Signed-off-by: Francois Gouget <fgouget@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-03-17 10:51:44 +01:00
efb5050894
advapi32/tests: Simplify the name of the test unit for child processes.
...
The official name (shown by --list) has no path nor extension.
Signed-off-by: Francois Gouget <fgouget@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-02-21 00:55:44 +01:00
0024d18430
advapi32: Fix the name and use of DOMAIN_GROUP_RID_USERS.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-02-02 18:48:23 +01:00
a7e1e4f72e
advapi32/tests: Use CreateWellKnownSid() directly.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-01-10 18:41:06 +01:00
10646ddb91
advapi32/tests: Remove some workarounds for older versions.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-01-09 09:25:01 +01:00
2114a4dd9b
advapi32/tests: Don't test function directly when reporting GetLastError().
...
Found with Coccinelle.
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-01-06 19:36:32 +01:00
4429b9f803
advapi32/tests: Use debug.h functions.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-12-17 16:55:16 +01:00
fde235da03
kernelbase: Implement EqualDomainSid.
...
Signed-off-by: Dmitry Timoshkov <dmitry@baikal.ru>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-11-12 22:05:58 +01:00
70bb655155
advapi32/tests: Fix test_process_security with non-English locale.
...
Signed-off-by: Gijs Vermeulen <gijsvrm@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-10-17 21:04:45 +02:00
1058647e14
server: Create primary group using DOMAIN_GROUP_RID_USERS.
...
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-05-01 11:15:29 +02:00
a7b8e84567
advapi32/tests: Add additional tests for NtAccessCheck.
...
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-26 21:36:25 +02:00
48821e2b16
advapi32/tests: Test prefix and use of TokenPrimaryGroup Sid.
...
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-26 21:28:19 +02:00
5a79077250
server: Add default security descriptor DACL for processes.
...
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=15980
Signed-off-by: Erich E. Hoover <erich.e.hoover@gmail.com>
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-24 21:57:48 +02:00
e11e8705eb
server: Add default security descriptor ownership for processes.
...
Signed-off-by: Erich E. Hoover <erich.e.hoover@gmail.com>
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-24 21:57:48 +02:00
2600ecd4ed
server: Use a separated object for each opened named pipe device file.
...
Allows using proper options for ioctl pseudo fd.
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-10-30 00:10:14 +01:00
afaada7e5f
advapi32: Add a name for WinBuiltinAnyPackageSid.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-10-08 09:32:36 +02:00
7c0cd8c740
advapi32: Add WinCreatorOwnerRightsSid to wellknown list.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-10-08 09:32:21 +02:00
7f30ad1e47
advapi32/tests: Test return SIDs for wellknown two-character names.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-10-08 09:32:14 +02:00
ac7ae92af1
server: Allow specifying the security descriptor for a new process.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-20 14:50:48 +02:00
39afcaac4a
server: Create the initial thread as a separate request.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-20 14:50:48 +02:00
adede14dc2
advapi32/tests: Add additional tests for passing a thread sd to CreateProcess.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-18 21:07:17 +02:00
056c0039b2
advapi32/tests: Allow ERROR_ACCESS_DENIED for newer Win10.
...
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-17 18:33:48 +02:00
56885a1ca9
advapi32/tests: Allow ERROR_ACCESS_DENIED for newer Win10.
...
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-10 12:31:58 +02:00
58233b47e0
kernel32: Always create file with FILE_READ_ATTRIBUTES access in CreateFile.
...
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-08-21 23:02:28 +02:00
7b5668a6e7
include: Make ARRAY_SIZE() available in wine/test.h.
...
Signed-off-by: Michael Stefaniuc <mstefani@winehq.org>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-05-25 12:09:17 +02:00
731f22835e
advapi32/tests: Add basic tests for BuildSecurityDescriptor.
...
Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-04-18 11:08:31 +02:00
9702de2002
advapi32/tests: Introduce ARRAY_SIZE macro.
...
Signed-off-by: Gijs Vermeulen <gijsvrm@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-03-20 11:37:25 +01:00
4bbbc261d1
ntdll: Support TokenLogonSid in NtQueryInformationToken.
...
Based on a patch by Andrew Wesie.
Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-02-07 19:38:29 +01:00
9ccce0ce64
advapi32/tests: Fix a couple of leaks (Valgrind).
...
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-01-11 19:11:33 +01:00
f6f5c96677
advapi32/tests: Fully initialize ACLs (Valgrind).
...
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-01-10 23:59:44 +01:00
84a9503298
advapi32/tests: Add tests for MakeSelfRelativeSD.
...
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-11-24 16:48:02 +01:00
1d03ba7611
advapi32: Fix parsing empty DACL/SACL security descriptor strings.
...
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-11-17 17:39:04 +01:00
07b629e8e4
advapi32: Implement GetExplicitEntriesFromAclW.
...
Signed-off-by: Vincent Povirk <vincent@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-11-13 21:20:49 +01:00
50fe77a358
advapi32/tests: Fix two clang warnings in test_LookupAccount SID_NAME_USE being out of range.
...
Signed-off-by: Gerald Pfeifer <gerald@pfeifer.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-11-06 21:26:39 +01:00
2ae0574d8e
advapi32/tests: Added GetTokenInformation TokenLogonSid test.
...
Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-09-28 17:54:35 +02:00
a0ac14456b
advapi32/tests: Fix a sid string leak (Valgrind).
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-07-11 20:55:56 +02:00
df522c5a06
advapi32/tests: Statically link to ConvertSidToStringSidA().
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-07-11 20:55:54 +02:00
6e082ea86a
advapi32/tests: A couple of spelling fixes in ok() messages.
...
Signed-off-by: Francois Gouget <fgouget@free.fr>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-07-06 18:49:38 +02:00
894837168c
advapi32/tests: Add a token mandatory label test.
...
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-19 09:50:35 +02:00
a78d419420
server: Assign a default label to all tokens.
...
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-19 09:50:32 +02:00
08f3fef34c
advapi32/tests: Show that child processes do not inherit mandatory labels.
...
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-19 09:50:25 +02:00
Damjan Jovanovic