Michael Müller
|
a78d419420
|
server: Assign a default label to all tokens.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
|
2017-06-19 09:50:32 +02:00 |
Michael Müller
|
7c08e787b1
|
server: Implement setting a security descriptor when duplicating tokens.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
|
2017-06-15 11:12:24 +02:00 |
Michael Müller
|
af2d01c2fa
|
server: Implement changing the label of a security descriptor.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
|
2017-06-15 11:08:59 +02:00 |
Michael Müller
|
2ebe679638
|
server: Implement querying the security label of a security descriptor.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
|
2017-06-15 10:50:54 +02:00 |
Sebastian Lackner
|
0e42bce0b6
|
server: Fix handling of MAXIMUM_ALLOWED in token_access_check.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
|
2017-02-03 19:05:10 +01:00 |
André Hentschel
|
6b85b31b00
|
server: Remove dead assignment (clang).
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
|
2017-01-31 08:52:09 +01:00 |
Alexandre Julliard
|
f55db7882d
|
server: Add link_name and unlink_name object operations.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
|
2016-02-04 21:07:19 +09:00 |
Alexandre Julliard
|
9504e2addf
|
server: Add a helper function to validate and return object attributes.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
|
2016-01-16 00:05:57 +09:00 |
Sebastian Lackner
|
25b0a4981b
|
server: Fix assignment of primary_group in token_duplicate.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
|
2015-12-21 18:17:03 +01:00 |
Hans Leidekker
|
e0206d9f8a
|
server: Make returning used privileges optional in token_access_check.
|
2015-07-17 20:19:36 +09:00 |
Hans Leidekker
|
aa407a2818
|
server: Accept mandatory label ACEs.
|
2015-04-17 14:53:18 +09:00 |
Hans Leidekker
|
7dfdcf3034
|
server: The token user SID must be present in the default DACL.
|
2013-07-30 14:43:34 +02:00 |
Erich Hoover
|
04cd764d76
|
server: Report a default DACL for registry keys.
|
2013-04-23 17:20:11 +02:00 |
Erich Hoover
|
56c1a8b062
|
server: Report administrator ownership by default for registry objects.
|
2013-04-11 13:15:58 +02:00 |
Alexandre Julliard
|
62beef5a72
|
server: Add a helper function to compute an SID length.
|
2013-04-11 13:00:06 +02:00 |
Michael Stefaniuc
|
794ad90982
|
server: Avoid TRUE:FALSE conditional expressions.
|
2012-08-13 11:50:16 +02:00 |
Nikolay Sivov
|
573db9ef63
|
ntdll: While requesting TokenGroups calculate required user buffer size in server.
|
2011-08-23 16:53:54 +02:00 |
Nikolay Sivov
|
7381858e98
|
include: Fix definition name.
|
2011-08-03 14:15:48 +02:00 |
Hans Leidekker
|
c65bcce589
|
server: Map the Unix user id to a local user SID instead of the interactive SID.
|
2011-03-02 12:50:59 +01:00 |
Ben Peddell
|
b419df1de4
|
server: Include user groups in file mode calculation when user is file owner.
|
2009-12-11 17:47:30 +01:00 |
Rob Shearman
|
bd56916f90
|
server: Extend get_token_user server call to also retrieve SIDs for the token's owner or primary group.
|
2009-11-17 15:14:54 +01:00 |
Hans Leidekker
|
24af6f3e01
|
server: Add requests to set and retrieve default dacl.
|
2009-04-21 15:40:26 +02:00 |
Alexandre Julliard
|
f6d871eecf
|
server: impersonation_level should be an int since we store -1 in it.
Make sure we don't check the impersonation level for primary tokens.
|
2008-03-26 14:38:49 +01:00 |
H. Verbeet
|
3120c0861c
|
server: Don't drop the SE_GROUP_LOGON_ID attribute.
|
2008-03-18 11:15:06 +01:00 |
Alexandre Julliard
|
8382eb01b2
|
server: Return correct object types in the get_directory_entry request.
|
2007-12-05 18:16:42 +01:00 |
Rob Shearman
|
f98556c119
|
server: Add the name length to the object_attributes structure so that other variable length data can be present after object_attributes.
|
2007-10-30 14:18:05 +01:00 |
Rob Shearman
|
e51f8490f2
|
server: Ignore ACEs with the INHERIT_ONLY_ACE flag set during access checks.
|
2007-10-26 12:46:30 +02:00 |
Rob Shearman
|
dd9e392796
|
server: Use the security descriptor passed in when creating events.
|
2007-10-25 12:47:22 +02:00 |
Rob Shearman
|
12e44bf299
|
server: Fix token_access_check to allow full access to security descriptors with present but NULL DACLs.
|
2007-10-16 13:17:22 +02:00 |
Rob Shearman
|
cb124c9b12
|
server: Add primitive support for setting and getting the security descriptor of files based on their Unix permissions.
|
2007-10-04 12:30:52 +02:00 |
Rob Shearman
|
c1707d8938
|
server: Add get_sd and set_sd object operations to allow the security descriptor to be stored somewhere other than server memory, such as on disk.
|
2007-10-04 12:30:52 +02:00 |
Rob Shearman
|
8184bcc91a
|
server: Add a simple mapping from Unix uids to NT SIDs.
|
2007-10-04 12:30:52 +02:00 |
Rob Shearman
|
45b6706a32
|
server: Use ACL_REVISION in create_default_dacl instead of MAX_ACL_REVISION since we don't use any features from later ACL revisions.
|
2007-10-03 11:16:53 +02:00 |
Rob Shearman
|
5af809abfd
|
server: Move set_security_object to handle.c and set_object_sd to object.c.
These both don't operate on tokens so token.c is not the right place for
them to be implemented.
|
2007-10-03 11:04:43 +02:00 |
Rob Shearman
|
3f431a0646
|
server: Add get_token_statistics server call and use it to implement the TokenStatistics and TokenType levels for NtQueryInformationToken.
|
2007-09-14 14:43:46 +02:00 |
Peter Dons Tychsen
|
ec4d8903ef
|
server: Added the install driver privilege to the default user.
|
2007-07-31 20:32:40 +02:00 |
Rob Shearman
|
bdf964dce8
|
server: Move most of the duplicate_token request to a new function, token_duplicate, to enable the code to be used inside wineserver.
|
2007-05-30 11:46:32 +02:00 |
Rob Shearman
|
fa074bc544
|
server: Add the logon SID to the default admin token's groups.
|
2007-05-18 14:11:44 +02:00 |
Alexandre Julliard
|
7e71c1ddee
|
server: Add an open_file() function to the object operations.
|
2007-03-22 11:44:29 +01:00 |
Alexandre Julliard
|
bf17ce86d4
|
server: Use internal luid_t type where appropriate.
|
2007-03-07 13:45:11 +01:00 |
Juan Lang
|
c2cb296277
|
ntdll: Implement NtAllocateLocallyUniqueId with server call.
|
2007-03-07 13:45:11 +01:00 |
Rob Shearman
|
221e01abd2
|
server: A general solution for handling MAXIMUM_ALLOWED access right has been implemented so remove the workarounds.
|
2007-03-06 22:17:39 +01:00 |
Rob Shearman
|
d342d1413c
|
server: Add get_token_impersonation_level server call for retrieving the impersonation level from a token.
Add tests for GetTokenInformation(TokenImpersonationLevel).
|
2007-02-21 19:49:37 +01:00 |
Rob Shearman
|
6a76a0ac7a
|
server: Check object's security when creating handles.
Don't check object's security when duplicating a handle of the same or
lower access rights. Based on a patch by Vitaliy Margolen.
|
2007-02-21 19:49:02 +01:00 |
Rob Shearman
|
c9b9847dce
|
server: Track the impersonation level of tokens.
|
2007-02-16 13:09:55 +01:00 |
Rob Shearman
|
df0d625351
|
server: Track IDs for tokens and modifications made to tokens.
|
2007-02-16 13:09:49 +01:00 |
Vitaliy Margolen
|
b0e9d7e0b5
|
ntdll/server: Implement NtSetSecurityObject. With tests.
|
2007-02-15 14:19:24 +01:00 |
Vitaliy Margolen
|
6413a9c193
|
server: Get the primary group from the token's groups.
|
2007-02-13 17:47:43 +01:00 |
Vitaliy Margolen
|
aa28ed0162
|
server: Fix typo. Should be group not owner.
|
2007-02-08 11:56:12 +01:00 |
Vitaliy Margolen
|
55fdda4c3e
|
server: Prevent a crash on error while creating a token.
|
2007-01-25 12:52:39 +01:00 |