Commit Graph

74 Commits

Author SHA1 Message Date
Hans Leidekker aa407a2818 server: Accept mandatory label ACEs. 2015-04-17 14:53:18 +09:00
Hans Leidekker 7dfdcf3034 server: The token user SID must be present in the default DACL. 2013-07-30 14:43:34 +02:00
Erich Hoover 04cd764d76 server: Report a default DACL for registry keys. 2013-04-23 17:20:11 +02:00
Erich Hoover 56c1a8b062 server: Report administrator ownership by default for registry objects. 2013-04-11 13:15:58 +02:00
Alexandre Julliard 62beef5a72 server: Add a helper function to compute an SID length. 2013-04-11 13:00:06 +02:00
Michael Stefaniuc 794ad90982 server: Avoid TRUE:FALSE conditional expressions. 2012-08-13 11:50:16 +02:00
Nikolay Sivov 573db9ef63 ntdll: While requesting TokenGroups calculate required user buffer size in server. 2011-08-23 16:53:54 +02:00
Nikolay Sivov 7381858e98 include: Fix definition name. 2011-08-03 14:15:48 +02:00
Hans Leidekker c65bcce589 server: Map the Unix user id to a local user SID instead of the interactive SID. 2011-03-02 12:50:59 +01:00
Ben Peddell b419df1de4 server: Include user groups in file mode calculation when user is file owner. 2009-12-11 17:47:30 +01:00
Rob Shearman bd56916f90 server: Extend get_token_user server call to also retrieve SIDs for the token's owner or primary group. 2009-11-17 15:14:54 +01:00
Hans Leidekker 24af6f3e01 server: Add requests to set and retrieve default dacl. 2009-04-21 15:40:26 +02:00
Alexandre Julliard f6d871eecf server: impersonation_level should be an int since we store -1 in it.
Make sure we don't check the impersonation level for primary tokens.
2008-03-26 14:38:49 +01:00
H. Verbeet 3120c0861c server: Don't drop the SE_GROUP_LOGON_ID attribute. 2008-03-18 11:15:06 +01:00
Alexandre Julliard 8382eb01b2 server: Return correct object types in the get_directory_entry request. 2007-12-05 18:16:42 +01:00
Rob Shearman f98556c119 server: Add the name length to the object_attributes structure so that other variable length data can be present after object_attributes. 2007-10-30 14:18:05 +01:00
Rob Shearman e51f8490f2 server: Ignore ACEs with the INHERIT_ONLY_ACE flag set during access checks. 2007-10-26 12:46:30 +02:00
Rob Shearman dd9e392796 server: Use the security descriptor passed in when creating events. 2007-10-25 12:47:22 +02:00
Rob Shearman 12e44bf299 server: Fix token_access_check to allow full access to security descriptors with present but NULL DACLs. 2007-10-16 13:17:22 +02:00
Rob Shearman cb124c9b12 server: Add primitive support for setting and getting the security descriptor of files based on their Unix permissions. 2007-10-04 12:30:52 +02:00
Rob Shearman c1707d8938 server: Add get_sd and set_sd object operations to allow the security descriptor to be stored somewhere other than server memory, such as on disk. 2007-10-04 12:30:52 +02:00
Rob Shearman 8184bcc91a server: Add a simple mapping from Unix uids to NT SIDs. 2007-10-04 12:30:52 +02:00
Rob Shearman 45b6706a32 server: Use ACL_REVISION in create_default_dacl instead of MAX_ACL_REVISION since we don't use any features from later ACL revisions. 2007-10-03 11:16:53 +02:00
Rob Shearman 5af809abfd server: Move set_security_object to handle.c and set_object_sd to object.c.
These both don't operate on tokens so token.c is not the right place for 
them to be implemented.
2007-10-03 11:04:43 +02:00
Rob Shearman 3f431a0646 server: Add get_token_statistics server call and use it to implement the TokenStatistics and TokenType levels for NtQueryInformationToken. 2007-09-14 14:43:46 +02:00
Peter Dons Tychsen ec4d8903ef server: Added the install driver privilege to the default user. 2007-07-31 20:32:40 +02:00
Rob Shearman bdf964dce8 server: Move most of the duplicate_token request to a new function, token_duplicate, to enable the code to be used inside wineserver. 2007-05-30 11:46:32 +02:00
Rob Shearman fa074bc544 server: Add the logon SID to the default admin token's groups. 2007-05-18 14:11:44 +02:00
Alexandre Julliard 7e71c1ddee server: Add an open_file() function to the object operations. 2007-03-22 11:44:29 +01:00
Alexandre Julliard bf17ce86d4 server: Use internal luid_t type where appropriate. 2007-03-07 13:45:11 +01:00
Juan Lang c2cb296277 ntdll: Implement NtAllocateLocallyUniqueId with server call. 2007-03-07 13:45:11 +01:00
Rob Shearman 221e01abd2 server: A general solution for handling MAXIMUM_ALLOWED access right has been implemented so remove the workarounds. 2007-03-06 22:17:39 +01:00
Rob Shearman d342d1413c server: Add get_token_impersonation_level server call for retrieving the impersonation level from a token.
Add tests for GetTokenInformation(TokenImpersonationLevel).
2007-02-21 19:49:37 +01:00
Rob Shearman 6a76a0ac7a server: Check object's security when creating handles.
Don't check object's security when duplicating a handle of the same or 
lower access rights. Based on a patch by Vitaliy Margolen.
2007-02-21 19:49:02 +01:00
Rob Shearman c9b9847dce server: Track the impersonation level of tokens. 2007-02-16 13:09:55 +01:00
Rob Shearman df0d625351 server: Track IDs for tokens and modifications made to tokens. 2007-02-16 13:09:49 +01:00
Vitaliy Margolen b0e9d7e0b5 ntdll/server: Implement NtSetSecurityObject. With tests. 2007-02-15 14:19:24 +01:00
Vitaliy Margolen 6413a9c193 server: Get the primary group from the token's groups. 2007-02-13 17:47:43 +01:00
Vitaliy Margolen aa28ed0162 server: Fix typo. Should be group not owner. 2007-02-08 11:56:12 +01:00
Vitaliy Margolen 55fdda4c3e server: Prevent a crash on error while creating a token. 2007-01-25 12:52:39 +01:00
Vitaliy Margolen fad936c7c5 server: Reverse return value and status in token_access_check to be consistent. 2007-01-25 12:44:35 +01:00
Vitaliy Margolen 2cf11ef771 advapi32: Add few more tests for token access check and fix it on Wine. 2007-01-25 12:42:32 +01:00
Vitaliy Margolen 97b122c03f server: User correct user sid for the default_dacl. 2007-01-22 12:02:10 +01:00
Andrew Talbot 53dae9b7f5 server: Cast-qual warnings fix. 2006-12-18 11:40:03 +01:00
Michael Stefaniuc 5cecceccb2 server: Remove redundant NULL check before free() (found by Smatch). 2006-10-10 12:56:16 +02:00
Michael Stefaniuc a624977f21 server: Fix some comparisons between signed and unsigned. 2006-07-26 11:11:04 +02:00
Alexandre Julliard 0f273c17ff server: Added data_size_t type to represent sizes in the server protocol.
Make it an unsigned int to save some space on Win64, if we need to
transfer more than 4Gb over the server pipe something is seriously
wrong.
2006-07-26 11:11:03 +02:00
Francois Gouget 11ae0f6386 Assorted spelling fixes. 2006-06-16 11:32:29 +02:00
Jonathan Ernst 360a3f9142 Update the address of the Free Software Foundation. 2006-05-23 14:11:13 +02:00
Robert Shearman 3396a66ee7 server: Retrieve the groups for a token from the server. 2006-05-15 14:25:43 +02:00