Commit Graph

33 Commits

Author SHA1 Message Date
Ismael Luceno c35df50c30 server: Fix missing include for uid_t.
Explicitly include <sys/types.h> to make uid_t available to users of
server/security.h.

This is a problem on musl, and possibly other non-glibc systems.

Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-11-15 12:07:44 +01:00
Alexandre Julliard 2b5cefc92e server: Store the session id in the process token.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-01 22:34:31 +02:00
Zebediah Figura 4cca8b67d0 server: Create linked tokens as impersonation tokens.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=51347
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-06-30 18:46:16 +02:00
Zebediah Figura ec9244f056 ntdll: Implement NtQueryInformationToken(TokenLinkedToken).
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 21:41:59 +01:00
Zebediah Figura fa1b0fcf6c server: Check duplicated handle access against the calling thread token and target process token.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:22:36 +02:00
Michael Müller d0bea3d702 server: Implement support for creating a process with a specified token.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:21:43 +02:00
Michael Müller 8c5638aa5e ntdll: Implement NtFilterToken.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:58:10 +02:00
Erich E. Hoover e11e8705eb server: Add default security descriptor ownership for processes.
Signed-off-by: Erich E. Hoover <erich.e.hoover@gmail.com>
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-24 21:57:48 +02:00
Michael Müller a78d419420 server: Assign a default label to all tokens.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-19 09:50:32 +02:00
Michael Müller 7c08e787b1 server: Implement setting a security descriptor when duplicating tokens.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 11:12:24 +02:00
Michael Müller af2d01c2fa server: Implement changing the label of a security descriptor.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 11:08:59 +02:00
Michael Müller 2ebe679638 server: Implement querying the security label of a security descriptor.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 10:50:54 +02:00
Alexandre Julliard 9504e2addf server: Add a helper function to validate and return object attributes.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-01-16 00:05:57 +09:00
André Hentschel 5c6e2032d8 server: Add header guarding for security.h. 2015-03-19 14:08:06 +09:00
Erich Hoover 04cd764d76 server: Report a default DACL for registry keys. 2013-04-23 17:20:11 +02:00
Erich Hoover 56c1a8b062 server: Report administrator ownership by default for registry objects. 2013-04-11 13:15:58 +02:00
Alexandre Julliard 62beef5a72 server: Add a helper function to compute an SID length. 2013-04-11 13:00:06 +02:00
Michael Stefaniuc 794ad90982 server: Avoid TRUE:FALSE conditional expressions. 2012-08-13 11:50:16 +02:00
Hans Leidekker c65bcce589 server: Map the Unix user id to a local user SID instead of the interactive SID. 2011-03-02 12:50:59 +01:00
Ben Peddell b419df1de4 server: Include user groups in file mode calculation when user is file owner. 2009-12-11 17:47:30 +01:00
Alexandre Julliard f6d871eecf server: impersonation_level should be an int since we store -1 in it.
Make sure we don't check the impersonation level for primary tokens.
2008-03-26 14:38:49 +01:00
Rob Shearman f98556c119 server: Add the name length to the object_attributes structure so that other variable length data can be present after object_attributes. 2007-10-30 14:18:05 +01:00
Rob Shearman dd9e392796 server: Use the security descriptor passed in when creating events. 2007-10-25 12:47:22 +02:00
Rob Shearman cb124c9b12 server: Add primitive support for setting and getting the security descriptor of files based on their Unix permissions. 2007-10-04 12:30:52 +02:00
Rob Shearman 8184bcc91a server: Add a simple mapping from Unix uids to NT SIDs. 2007-10-04 12:30:52 +02:00
Rob Shearman 5af809abfd server: Move set_security_object to handle.c and set_object_sd to object.c.
These both don't operate on tokens so token.c is not the right place for 
them to be implemented.
2007-10-03 11:04:43 +02:00
Rob Shearman bdf964dce8 server: Move most of the duplicate_token request to a new function, token_duplicate, to enable the code to be used inside wineserver. 2007-05-30 11:46:32 +02:00
Rob Shearman 6a76a0ac7a server: Check object's security when creating handles.
Don't check object's security when duplicating a handle of the same or 
lower access rights. Based on a patch by Vitaliy Margolen.
2007-02-21 19:49:02 +01:00
Jonathan Ernst 360a3f9142 Update the address of the Free Software Foundation. 2006-05-23 14:11:13 +02:00
Robert Shearman 91eaea53ae - Change the default user SID to match what was previously returned by
NtQueryInformationToken.
- Implement TokenUser for NtQueryInformationToken.
- Add a function for getting the user's registry path from a SID.
2005-07-18 13:22:55 +00:00
Robert Shearman fbf0ea9f18 Store the default DACL in the token. 2005-07-13 19:31:27 +00:00
Robert Shearman 4bba21643c Add support for impersonating a token. 2005-06-20 13:18:38 +00:00
Robert Shearman d2ea92d14e - Clean up well-known privileges.
- Implement checking tokens for privileges in the server.
- Implement NtPrivilegeCheck.
2005-04-22 21:17:15 +00:00