system/wine
system/wine
1
0
Fork 0
mirror of git://source.winehq.org/git/wine.git synced 2024-07-18 22:53:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
161387 commits 3 branches 785 tags 324 MiB
Commit graph

122 commits

Author SHA1 Message Date
Jinoh Kang 9090229e67 server: Use the token owner instead of the token user for default object owner. 
Also, replace the token user with the token owner for the default DACL
as well.  Wine currently selects domain_users_sid as the token owner, so
use that.  This is required to pass the advapi32:security test which
expects the security descriptor owner SID to be referenced in the DACL
as well.
 2022-07-20 22:33:44 +02:00
Alexandre Julliard dd99319cde server: Return the full token group for TokenLogonSid. 
Based on a patch by Fabian Maurer.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=52845
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2022-04-25 13:24:02 +02:00
Alexandre Julliard 1a0f082682 server: Store the full group attributes. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2022-04-25 12:53:19 +02:00
Alexandre Julliard 868af0c500 server: Don't depend on the TOKEN_GROUPS structure on the server side. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2022-01-25 12:35:54 +01:00
Alexandre Julliard 990cc1c64b server: Define a server-side structure for SID. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2022-01-25 12:32:11 +01:00
Alexandre Julliard 841b8862fb server: Define a server-side structure for ACE. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2022-01-25 12:21:14 +01:00
Alexandre Julliard c36f81fa75 server: Define a server-side structure for ACL. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2022-01-25 12:10:40 +01:00
Alexandre Julliard bf3442fab6 server: Define a server-side structure for SID_AND_ATTRIBUTES. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2022-01-25 12:03:14 +01:00
Alexandre Julliard 7d7322671c server: Define a server-side structure for LUID_AND_ATTRIBUTES. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2022-01-25 11:55:40 +01:00
Alexandre Julliard 1381be977b server: Add sys/types.h include in a few more files. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-10-11 11:44:02 +02:00
Alexandre Julliard eb69da2a9c ntdll: Implement NtQueryInformationToken(TokenSessionId). 
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=46595
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-07-01 22:34:31 +02:00
Alexandre Julliard 2b5cefc92e server: Store the session id in the process token. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-07-01 22:34:31 +02:00
Zebediah Figura 4cca8b67d0 server: Create linked tokens as impersonation tokens. 
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=51347
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-06-30 18:46:16 +02:00
Damjan Jovanovic 31e984a09d server: The owner of a securable object should have all the standard access rights. 
Cygwin fork() fails in NtCreateSymbolicLinkObject(). We successfully
create the link but then fail to alloc_handle() with STATUS_ACCESS_DENIED,
because the requested access rights exceed what the owner is allowed.
Allow it more.

Thank you to Dmitry Timoshkov for debugging the security details from
alloc_handle() onwards.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=48891
Signed-off-by: Damjan Jovanovic <damjan.jov@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-06-08 22:28:44 +02:00
Alexandre Julliard 6f7b56a198 server: Merge the various token information queries. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-02-17 21:42:18 +01:00
Zebediah Figura ec9244f056 ntdll: Implement NtQueryInformationToken(TokenLinkedToken). 
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-02-17 21:41:59 +01:00
Zebediah Figura c96749790b ntdll: Implement NtQueryInformationToken(TokenElevationType). 
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-02-17 16:28:13 +01:00
Michael Müller f68659c6e8 server: Grant the same access rights when req->access is zero in duplicate_token. 
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-02-08 11:07:31 +01:00
Alexandre Julliard d6ef9401b3 server: Use the object type information to implement access mapping. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-02-05 22:53:46 +01:00
Alexandre Julliard 4d646de90d server: Add generic mapping masks for all object types. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-02-05 15:38:22 +01:00
Alexandre Julliard c6f2aacb57 server: Add a type descriptor to all server objects. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-02-04 21:25:32 +01:00
Alexandre Julliard 928a22cd02 server: Add a data type for generic access mappings. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2021-02-04 21:25:32 +01:00
Paul Gofman 9df7a2efc3 server: Add SeTcbPrivilege (SE_TCB_NAME) to the list of admin privileges. 
Fixes Origin client update failure.

Signed-off-by: Paul Gofman <pgofman@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2020-10-14 21:33:17 +02:00
Zebediah Figura fa1b0fcf6c server: Check duplicated handle access against the calling thread token and target process token. 
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2020-09-24 15:22:36 +02:00
Michael Müller d0bea3d702 server: Implement support for creating a process with a specified token. 
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2020-09-24 15:21:43 +02:00
Michael Müller 8c5638aa5e ntdll: Implement NtFilterToken. 
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2020-09-23 15:58:10 +02:00
Alexandre Julliard 2e51f9aae3 server: Add an object operation to retrieve an object name. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2020-09-22 16:55:08 +02:00
Alexandre Julliard 8286b780a4 server: Don't use wine/unicode.h. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2020-03-24 19:43:38 +01:00
Qian Hong 1058647e14 server: Create primary group using DOMAIN_GROUP_RID_USERS. 
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2019-05-01 11:15:29 +02:00
Erich E. Hoover e11e8705eb server: Add default security descriptor ownership for processes. 
Signed-off-by: Erich E. Hoover <erich.e.hoover@gmail.com>
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2019-04-24 21:57:48 +02:00
Michael Müller f926811e0d server: Correctly validate SID length in sd_is_valid. 
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2019-04-03 20:34:36 +02:00
Jacek Caban b2a546c92d server: Introduce kernel_object struct for generic association between server and kernel objects. 
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2019-03-26 13:55:15 +01:00
Jacek Caban c55c4ab88c server: Support token object type. 
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2019-02-22 14:27:22 +01:00
Michael Stefaniuc 9e365e4ecc server: Use the ARRAY_SIZE() macro. 
Signed-off-by: Michael Stefaniuc <mstefani@winehq.org>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2018-10-23 13:56:55 +02:00
Hans Leidekker fc3057c4f3 server: Store the token owner separately. 
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2018-05-02 16:05:32 +02:00
Hans Leidekker 14191f2dd0 server: Dump token details. 
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2018-05-02 16:05:30 +02:00
Alexandre Julliard 6b758dd1dc server: Add a macro to define SIDs. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2018-02-07 19:38:29 +01:00
Alistair Leslie-Hughes 4bbbc261d1 ntdll: Support TokenLogonSid in NtQueryInformationToken. 
Based on a patch by Andrew Wesie.

Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2018-02-07 19:38:29 +01:00
Michael Müller a78d419420 server: Assign a default label to all tokens. 
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2017-06-19 09:50:32 +02:00
Michael Müller 7c08e787b1 server: Implement setting a security descriptor when duplicating tokens. 
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2017-06-15 11:12:24 +02:00
Michael Müller af2d01c2fa server: Implement changing the label of a security descriptor. 
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2017-06-15 11:08:59 +02:00
Michael Müller 2ebe679638 server: Implement querying the security label of a security descriptor. 
Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2017-06-15 10:50:54 +02:00
Sebastian Lackner 0e42bce0b6 server: Fix handling of MAXIMUM_ALLOWED in token_access_check. 
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2017-02-03 19:05:10 +01:00
André Hentschel 6b85b31b00 server: Remove dead assignment (clang). 
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2017-01-31 08:52:09 +01:00
Alexandre Julliard f55db7882d server: Add link_name and unlink_name object operations. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2016-02-04 21:07:19 +09:00
Alexandre Julliard 9504e2addf server: Add a helper function to validate and return object attributes. 
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2016-01-16 00:05:57 +09:00
Sebastian Lackner 25b0a4981b server: Fix assignment of primary_group in token_duplicate. 
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
 2015-12-21 18:17:03 +01:00
Hans Leidekker e0206d9f8a server: Make returning used privileges optional in token_access_check. 2015-07-17 20:19:36 +09:00
Hans Leidekker aa407a2818 server: Accept mandatory label ACEs. 2015-04-17 14:53:18 +09:00
Hans Leidekker 7dfdcf3034 server: The token user SID must be present in the default DACL. 2013-07-30 14:43:34 +02:00