mirror of
git://source.winehq.org/git/wine.git
synced 2024-10-14 09:57:19 +00:00
server: Add builtin admins ACE to default registry DACL.
This commit is contained in:
parent
171abcc401
commit
03d99df597
|
@ -3012,12 +3012,12 @@ static void test_GetNamedSecurityInfoA(void)
|
||||||
PSID system_sid = (PSID) system_ptr, user_sid;
|
PSID system_sid = (PSID) system_ptr, user_sid;
|
||||||
DWORD sid_size = sizeof(admin_ptr), user_size;
|
DWORD sid_size = sizeof(admin_ptr), user_size;
|
||||||
char invalid_path[] = "/an invalid file path";
|
char invalid_path[] = "/an invalid file path";
|
||||||
|
int users_ace_id = -1, admins_ace_id = -1, i;
|
||||||
char software_key[] = "MACHINE\\Software";
|
char software_key[] = "MACHINE\\Software";
|
||||||
char sd[SECURITY_DESCRIPTOR_MIN_LENGTH];
|
char sd[SECURITY_DESCRIPTOR_MIN_LENGTH];
|
||||||
SECURITY_DESCRIPTOR_CONTROL control;
|
SECURITY_DESCRIPTOR_CONTROL control;
|
||||||
ACL_SIZE_INFORMATION acl_size;
|
ACL_SIZE_INFORMATION acl_size;
|
||||||
CHAR windows_dir[MAX_PATH];
|
CHAR windows_dir[MAX_PATH];
|
||||||
int users_ace_id = -1, i;
|
|
||||||
PSECURITY_DESCRIPTOR pSD;
|
PSECURITY_DESCRIPTOR pSD;
|
||||||
ACCESS_ALLOWED_ACE *ace;
|
ACCESS_ALLOWED_ACE *ace;
|
||||||
BOOL bret = TRUE, isNT4;
|
BOOL bret = TRUE, isNT4;
|
||||||
|
@ -3030,6 +3030,7 @@ static void test_GetNamedSecurityInfoA(void)
|
||||||
PSID owner, group;
|
PSID owner, group;
|
||||||
BOOL dacl_present;
|
BOOL dacl_present;
|
||||||
PACL pDacl;
|
PACL pDacl;
|
||||||
|
BYTE flags;
|
||||||
|
|
||||||
if (!pSetNamedSecurityInfoA || !pGetNamedSecurityInfoA || !pCreateWellKnownSid)
|
if (!pSetNamedSecurityInfoA || !pGetNamedSecurityInfoA || !pCreateWellKnownSid)
|
||||||
{
|
{
|
||||||
|
@ -3228,6 +3229,8 @@ static void test_GetNamedSecurityInfoA(void)
|
||||||
ok(bret, "Failed to get ACE %d.\n", i);
|
ok(bret, "Failed to get ACE %d.\n", i);
|
||||||
bret = EqualSid(&ace->SidStart, users_sid);
|
bret = EqualSid(&ace->SidStart, users_sid);
|
||||||
if (bret) users_ace_id = i;
|
if (bret) users_ace_id = i;
|
||||||
|
bret = EqualSid(&ace->SidStart, admin_sid);
|
||||||
|
if (bret) admins_ace_id = i;
|
||||||
}
|
}
|
||||||
ok(users_ace_id != -1, "Bultin Users ACE not found.\n");
|
ok(users_ace_id != -1, "Bultin Users ACE not found.\n");
|
||||||
if (users_ace_id != -1)
|
if (users_ace_id != -1)
|
||||||
|
@ -3240,7 +3243,18 @@ static void test_GetNamedSecurityInfoA(void)
|
||||||
ok(ace->Mask == GENERIC_READ, "Builtin Users ACE has unexpected mask (0x%x != 0x%x)\n",
|
ok(ace->Mask == GENERIC_READ, "Builtin Users ACE has unexpected mask (0x%x != 0x%x)\n",
|
||||||
ace->Mask, GENERIC_READ);
|
ace->Mask, GENERIC_READ);
|
||||||
}
|
}
|
||||||
|
ok(admins_ace_id != -1, "Bultin Admins ACE not found.\n");
|
||||||
|
if (admins_ace_id != -1)
|
||||||
|
{
|
||||||
|
bret = pGetAce(pDacl, admins_ace_id, (VOID **)&ace);
|
||||||
|
ok(bret, "Failed to get Builtin Admins ACE.\n");
|
||||||
|
flags = ((ACE_HEADER *)ace)->AceFlags;
|
||||||
|
ok(flags == 0x0
|
||||||
|
|| broken(flags == (INHERIT_ONLY_ACE|CONTAINER_INHERIT_ACE|INHERITED_ACE)) /* w2k8 */,
|
||||||
|
"Builtin Admins ACE has unexpected flags (0x%x != 0x0)\n", flags);
|
||||||
|
ok(ace->Mask == KEY_ALL_ACCESS || broken(ace->Mask == GENERIC_ALL) /* w2k8 */,
|
||||||
|
"Builtin Admins ACE has unexpected mask (0x%x != 0x%x)\n", ace->Mask, KEY_ALL_ACCESS);
|
||||||
|
}
|
||||||
LocalFree(pSD);
|
LocalFree(pSD);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -347,7 +347,8 @@ static struct security_descriptor *key_get_sd( struct object *obj )
|
||||||
{
|
{
|
||||||
size_t users_sid_len = security_sid_len( security_builtin_users_sid );
|
size_t users_sid_len = security_sid_len( security_builtin_users_sid );
|
||||||
size_t admins_sid_len = security_sid_len( security_builtin_admins_sid );
|
size_t admins_sid_len = security_sid_len( security_builtin_admins_sid );
|
||||||
size_t dacl_len = sizeof(ACL) + offsetof( ACCESS_ALLOWED_ACE, SidStart ) + users_sid_len;
|
size_t dacl_len = sizeof(ACL) + 2 * offsetof( ACCESS_ALLOWED_ACE, SidStart )
|
||||||
|
+ users_sid_len + admins_sid_len;
|
||||||
ACCESS_ALLOWED_ACE *aaa;
|
ACCESS_ALLOWED_ACE *aaa;
|
||||||
ACL *dacl;
|
ACL *dacl;
|
||||||
|
|
||||||
|
@ -364,7 +365,7 @@ static struct security_descriptor *key_get_sd( struct object *obj )
|
||||||
dacl->AclRevision = ACL_REVISION;
|
dacl->AclRevision = ACL_REVISION;
|
||||||
dacl->Sbz1 = 0;
|
dacl->Sbz1 = 0;
|
||||||
dacl->AclSize = dacl_len;
|
dacl->AclSize = dacl_len;
|
||||||
dacl->AceCount = 1;
|
dacl->AceCount = 2;
|
||||||
dacl->Sbz2 = 0;
|
dacl->Sbz2 = 0;
|
||||||
aaa = (ACCESS_ALLOWED_ACE *)(dacl + 1);
|
aaa = (ACCESS_ALLOWED_ACE *)(dacl + 1);
|
||||||
aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
|
aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
|
||||||
|
@ -372,6 +373,12 @@ static struct security_descriptor *key_get_sd( struct object *obj )
|
||||||
aaa->Header.AceSize = offsetof( ACCESS_ALLOWED_ACE, SidStart ) + users_sid_len;
|
aaa->Header.AceSize = offsetof( ACCESS_ALLOWED_ACE, SidStart ) + users_sid_len;
|
||||||
aaa->Mask = GENERIC_READ;
|
aaa->Mask = GENERIC_READ;
|
||||||
memcpy( &aaa->SidStart, security_builtin_users_sid, users_sid_len );
|
memcpy( &aaa->SidStart, security_builtin_users_sid, users_sid_len );
|
||||||
|
aaa = (ACCESS_ALLOWED_ACE *)((char *)aaa + aaa->Header.AceSize);
|
||||||
|
aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
|
||||||
|
aaa->Header.AceFlags = 0;
|
||||||
|
aaa->Header.AceSize = offsetof( ACCESS_ALLOWED_ACE, SidStart ) + admins_sid_len;
|
||||||
|
aaa->Mask = KEY_ALL_ACCESS;
|
||||||
|
memcpy( &aaa->SidStart, security_builtin_admins_sid, admins_sid_len );
|
||||||
}
|
}
|
||||||
return key_default_sd;
|
return key_default_sd;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue