Jinoh Kang
9090229e67
server: Use the token owner instead of the token user for default object owner.
Also, replace the token user with the token owner for the default DACL
as well. Wine currently selects domain_users_sid as the token owner, so
use that. This is required to pass the advapi32:security test which
expects the security descriptor owner SID to be referenced in the DACL
as well.
2022-07-20 22:33:44 +02:00
Alexandre Julliard
dd99319cde
server: Return the full token group for TokenLogonSid.
Based on a patch by Fabian Maurer.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=52845
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-04-25 13:24:02 +02:00
Alexandre Julliard
1a0f082682
server: Store the full group attributes.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-04-25 12:53:19 +02:00
Alexandre Julliard
868af0c500
server: Don't depend on the TOKEN_GROUPS structure on the server side.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 12:35:54 +01:00
Alexandre Julliard
990cc1c64b
server: Define a server-side structure for SID.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 12:32:11 +01:00
Alexandre Julliard
841b8862fb
server: Define a server-side structure for ACE.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 12:21:14 +01:00
Alexandre Julliard
c36f81fa75
server: Define a server-side structure for ACL.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 12:10:40 +01:00
Alexandre Julliard
bf3442fab6
server: Define a server-side structure for SID_AND_ATTRIBUTES.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 12:03:14 +01:00
Alexandre Julliard
7d7322671c
server: Define a server-side structure for LUID_AND_ATTRIBUTES.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 11:55:40 +01:00
Alexandre Julliard
1381be977b
server: Add sys/types.h include in a few more files.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-10-11 11:44:02 +02:00
Alexandre Julliard
eb69da2a9c
ntdll: Implement NtQueryInformationToken(TokenSessionId).
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=46595
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-01 22:34:31 +02:00
Alexandre Julliard
2b5cefc92e
server: Store the session id in the process token.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-01 22:34:31 +02:00
Zebediah Figura
4cca8b67d0
server: Create linked tokens as impersonation tokens.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=51347
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-06-30 18:46:16 +02:00
Damjan Jovanovic
31e984a09d
server: The owner of a securable object should have all the standard access rights.
Cygwin fork() fails in NtCreateSymbolicLinkObject(). We successfully
create the link but then fail to alloc_handle() with STATUS_ACCESS_DENIED,
because the requested access rights exceed what the owner is allowed.
Allow it more.
Thank you to Dmitry Timoshkov for debugging the security details from
alloc_handle() onwards.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=48891
Signed-off-by: Damjan Jovanovic <damjan.jov@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-06-08 22:28:44 +02:00
Alexandre Julliard
6f7b56a198
server: Merge the various token information queries.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 21:42:18 +01:00
Zebediah Figura
ec9244f056
ntdll: Implement NtQueryInformationToken(TokenLinkedToken).
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 21:41:59 +01:00
Zebediah Figura
c96749790b
ntdll: Implement NtQueryInformationToken(TokenElevationType).
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 16:28:13 +01:00
Michael Müller
f68659c6e8
server: Grant the same access rights when req->access is zero in duplicate_token.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-08 11:07:31 +01:00
Alexandre Julliard
d6ef9401b3
server: Use the object type information to implement access mapping.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-05 22:53:46 +01:00
Alexandre Julliard
4d646de90d
server: Add generic mapping masks for all object types.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-05 15:38:22 +01:00
Alexandre Julliard
c6f2aacb57
server: Add a type descriptor to all server objects.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-04 21:25:32 +01:00
Alexandre Julliard
928a22cd02
server: Add a data type for generic access mappings.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-04 21:25:32 +01:00
Paul Gofman
9df7a2efc3
server: Add SeTcbPrivilege (SE_TCB_NAME) to the list of admin privileges.
Fixes Origin client update failure.
Signed-off-by: Paul Gofman <pgofman@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-10-14 21:33:17 +02:00
Zebediah Figura
fa1b0fcf6c
server: Check duplicated handle access against the calling thread token and target process token.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:22:36 +02:00
Michael Müller
d0bea3d702
server: Implement support for creating a process with a specified token.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:21:43 +02:00
Michael Müller
8c5638aa5e
ntdll: Implement NtFilterToken.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:58:10 +02:00
Alexandre Julliard
2e51f9aae3
server: Add an object operation to retrieve an object name.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-22 16:55:08 +02:00
Alexandre Julliard
8286b780a4
server: Don't use wine/unicode.h.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-03-24 19:43:38 +01:00
Qian Hong
1058647e14
server: Create primary group using DOMAIN_GROUP_RID_USERS.
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-05-01 11:15:29 +02:00
Erich E. Hoover
e11e8705eb
server: Add default security descriptor ownership for processes.
Signed-off-by: Erich E. Hoover <erich.e.hoover@gmail.com>
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-24 21:57:48 +02:00
Michael Müller
f926811e0d
server: Correctly validate SID length in sd_is_valid.
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-03 20:34:36 +02:00
Jacek Caban
b2a546c92d
server: Introduce kernel_object struct for generic association between server and kernel objects.
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-03-26 13:55:15 +01:00
Jacek Caban
c55c4ab88c
server: Support token object type.
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-02-22 14:27:22 +01:00
Michael Stefaniuc
9e365e4ecc
server: Use the ARRAY_SIZE() macro.
Signed-off-by: Michael Stefaniuc <mstefani@winehq.org>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-10-23 13:56:55 +02:00
Hans Leidekker
fc3057c4f3
server: Store the token owner separately.
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-05-02 16:05:32 +02:00
Hans Leidekker
14191f2dd0
server: Dump token details.
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-05-02 16:05:30 +02:00
Alexandre Julliard
6b758dd1dc
server: Add a macro to define SIDs.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-02-07 19:38:29 +01:00
Alistair Leslie-Hughes
4bbbc261d1
ntdll: Support TokenLogonSid in NtQueryInformationToken.
Based on a patch by Andrew Wesie.
Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-02-07 19:38:29 +01:00
Michael Müller
a78d419420
server: Assign a default label to all tokens.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-19 09:50:32 +02:00
Michael Müller
7c08e787b1
server: Implement setting a security descriptor when duplicating tokens.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 11:12:24 +02:00
Michael Müller
af2d01c2fa
server: Implement changing the label of a security descriptor.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 11:08:59 +02:00
Michael Müller
2ebe679638
server: Implement querying the security label of a security descriptor.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 10:50:54 +02:00
Sebastian Lackner
0e42bce0b6
server: Fix handling of MAXIMUM_ALLOWED in token_access_check.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-02-03 19:05:10 +01:00
André Hentschel
6b85b31b00
server: Remove dead assignment (clang).
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-01-31 08:52:09 +01:00
Alexandre Julliard
f55db7882d
server: Add link_name and unlink_name object operations.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-02-04 21:07:19 +09:00
Alexandre Julliard
9504e2addf
server: Add a helper function to validate and return object attributes.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-01-16 00:05:57 +09:00
Sebastian Lackner
25b0a4981b
server: Fix assignment of primary_group in token_duplicate.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2015-12-21 18:17:03 +01:00
Hans Leidekker
e0206d9f8a
server: Make returning used privileges optional in token_access_check.
2015-07-17 20:19:36 +09:00
Hans Leidekker
aa407a2818
server: Accept mandatory label ACEs.
2015-04-17 14:53:18 +09:00
Hans Leidekker
7dfdcf3034
server: The token user SID must be present in the default DACL.
2013-07-30 14:43:34 +02:00