38 commits

Author SHA1 Message Date
Jinoh Kang
9090229e67 server: Use the token owner instead of the token user for default object owner.
Also, replace the token user with the token owner for the default DACL
as well.  Wine currently selects domain_users_sid as the token owner, so
use that.  This is required to pass the advapi32:security test which
expects the security descriptor owner SID to be referenced in the DACL
as well.
2022-07-20 22:33:44 +02:00
Alexandre Julliard
990cc1c64b server: Define a server-side structure for SID.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 12:32:11 +01:00
Alexandre Julliard
841b8862fb server: Define a server-side structure for ACE.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 12:21:14 +01:00
Alexandre Julliard
c36f81fa75 server: Define a server-side structure for ACL.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 12:10:40 +01:00
Alexandre Julliard
7d7322671c server: Define a server-side structure for LUID_AND_ATTRIBUTES.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-25 11:55:40 +01:00
Ismael Luceno
c35df50c30 server: Fix missing include for uid_t.
Explicitly include <sys/types.h> to make uid_t available to users of
server/security.h.

This is a problem on musl, and possibly other non-glibc systems.

Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-11-15 12:07:44 +01:00
Alexandre Julliard
2b5cefc92e server: Store the session id in the process token.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-01 22:34:31 +02:00
Zebediah Figura
4cca8b67d0 server: Create linked tokens as impersonation tokens.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=51347
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-06-30 18:46:16 +02:00
Zebediah Figura
ec9244f056 ntdll: Implement NtQueryInformationToken(TokenLinkedToken).
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 21:41:59 +01:00
Zebediah Figura
fa1b0fcf6c server: Check duplicated handle access against the calling thread token and target process token.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:22:36 +02:00
Michael Müller
d0bea3d702 server: Implement support for creating a process with a specified token.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:21:43 +02:00
Michael Müller
8c5638aa5e ntdll: Implement NtFilterToken.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:58:10 +02:00
Erich E. Hoover
e11e8705eb server: Add default security descriptor ownership for processes.
Signed-off-by: Erich E. Hoover <erich.e.hoover@gmail.com>
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-24 21:57:48 +02:00
Michael Müller
a78d419420 server: Assign a default label to all tokens.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-19 09:50:32 +02:00
Michael Müller
7c08e787b1 server: Implement setting a security descriptor when duplicating tokens.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 11:12:24 +02:00
Michael Müller
af2d01c2fa server: Implement changing the label of a security descriptor.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 11:08:59 +02:00
Michael Müller
2ebe679638 server: Implement querying the security label of a security descriptor.
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-06-15 10:50:54 +02:00
Alexandre Julliard
9504e2addf server: Add a helper function to validate and return object attributes.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-01-16 00:05:57 +09:00
André Hentschel
5c6e2032d8 server: Add header guarding for security.h.
2015-03-19 14:08:06 +09:00
Erich Hoover
04cd764d76 server: Report a default DACL for registry keys.
2013-04-23 17:20:11 +02:00
Erich Hoover
56c1a8b062 server: Report administrator ownership by default for registry objects.
2013-04-11 13:15:58 +02:00
Alexandre Julliard
62beef5a72 server: Add a helper function to compute an SID length.
2013-04-11 13:00:06 +02:00
Michael Stefaniuc
794ad90982 server: Avoid TRUE:FALSE conditional expressions.
2012-08-13 11:50:16 +02:00
Hans Leidekker
c65bcce589 server: Map the Unix user id to a local user SID instead of the interactive SID.
2011-03-02 12:50:59 +01:00
Ben Peddell
b419df1de4 server: Include user groups in file mode calculation when user is file owner.
2009-12-11 17:47:30 +01:00
Alexandre Julliard
f6d871eecf server: impersonation_level should be an int since we store -1 in it.
Make sure we don't check the impersonation level for primary tokens.
2008-03-26 14:38:49 +01:00
Rob Shearman
f98556c119 server: Add the name length to the object_attributes structure so that other variable length data can be present after object_attributes.
2007-10-30 14:18:05 +01:00
Rob Shearman
dd9e392796 server: Use the security descriptor passed in when creating events.
2007-10-25 12:47:22 +02:00
Rob Shearman
cb124c9b12 server: Add primitive support for setting and getting the security descriptor of files based on their Unix permissions.
2007-10-04 12:30:52 +02:00
Rob Shearman
8184bcc91a server: Add a simple mapping from Unix uids to NT SIDs.
2007-10-04 12:30:52 +02:00
Rob Shearman
5af809abfd server: Move set_security_object to handle.c and set_object_sd to object.c.
These both don't operate on tokens so token.c is not the right place for 
them to be implemented.
2007-10-03 11:04:43 +02:00
Rob Shearman
bdf964dce8 server: Move most of the duplicate_token request to a new function, token_duplicate, to enable the code to be used inside wineserver.
2007-05-30 11:46:32 +02:00
Rob Shearman
6a76a0ac7a server: Check object's security when creating handles.
Don't check object's security when duplicating a handle of the same or 
lower access rights. Based on a patch by Vitaliy Margolen.
2007-02-21 19:49:02 +01:00
Jonathan Ernst
360a3f9142 Update the address of the Free Software Foundation.
2006-05-23 14:11:13 +02:00
Robert Shearman
91eaea53ae - Change the default user SID to match what was previously returned by
NtQueryInformationToken.
- Implement TokenUser for NtQueryInformationToken.
- Add a function for getting the user's registry path from a SID.
2005-07-18 13:22:55 +00:00
Robert Shearman
fbf0ea9f18 Store the default DACL in the token.
2005-07-13 19:31:27 +00:00
Robert Shearman
4bba21643c Add support for impersonating a token.
2005-06-20 13:18:38 +00:00
Robert Shearman
d2ea92d14e - Clean up well-known privileges.
- Implement checking tokens for privileges in the server.
- Implement NtPrivilegeCheck.
2005-04-22 21:17:15 +00:00