drew
/
acadia-newlib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Change well_known_admin_sid to well_known_admins_sid throughout. 

* sec_acl.cc (setacl): Never set DELETE permission. Set
        FILE_DELETE_CHILD only on readable and executable directories.
        * sec_helper.cc: Add constructor for `well_known_null_sid'.
        * security.cc (get_nt_attribute): Set S_ISVTX for directories if
        FILE_WRITE_DATA and FILE_EXECUTE but not FILE_DELETE_CHILD is set.
        Add evaluation of S_ISVTX, S_ISGID and S_ISUID from NULL ACE.
        (alloc_sd): Never set DELETE permission. Set FILE_DELETE_CHILD
        only on readable and executable directories.
        Add creation of NULL ACE for S_ISVTX, S_ISGID and S_ISUID permissions.
        * security.h: Add extern declaration for `well_known_null_sid'.
This commit is contained in:
Corinna Vinschen 2001-07-15 22:40:07 +00:00
parent 4c61c04cd3
commit 3a157c0d0d
7 changed files with 73 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,17 @@
Mon 16 Jul 2001 00:11:00 Corinna Vinschen <corinna@vinschen.de>
Change well_known_admin_sid to well_known_admins_sid throughout.
* sec_acl.cc (setacl): Never set DELETE permission. Set
FILE_DELETE_CHILD only on readable and executable directories.
* sec_helper.cc: Add constructor for `well_known_null_sid'.
* security.cc (get_nt_attribute): Set S_ISVTX for directories if
FILE_WRITE_DATA and FILE_EXECUTE but not FILE_DELETE_CHILD is set.
Add evaluation of S_ISVTX, S_ISGID and S_ISUID from NULL ACE.
(alloc_sd): Never set DELETE permission. Set FILE_DELETE_CHILD
only on readable and executable directories.
Add creation of NULL ACE for S_ISVTX, S_ISGID and S_ISUID permissions.
* security.h: Add extern declaration for `well_known_null_sid'.
Fri 13 Jul 2001 08:08:49 PM EDT Christopher Faylor <cgf@cygnus.com>
* syscalls.cc (stat_worker): Simplify previous change.

2
winsup/cygwin/grp.cc
View File

@ -174,7 +174,7 @@ read_etc_group ()
SID_NAME_USE acType;
debug_printf ("Emulating /etc/group");
if (! LookupAccountSidA (NULL ,
well_known_admin_sid,
well_known_admins_sid,
group_name,
&group_name_len,
domain_name,

5
winsup/cygwin/sec_acl.cc
View File

@ -121,10 +121,11 @@ setacl (const char *file, int nentries, aclent_t *aclbufp)
if (aclbufp[i].a_perm & S_IROTH)
allow |= FILE_GENERIC_READ;
if (aclbufp[i].a_perm & S_IWOTH)
allow |= STANDARD_RIGHTS_ALL | FILE_GENERIC_WRITE
| DELETE | FILE_DELETE_CHILD;
allow |= STANDARD_RIGHTS_ALL | FILE_GENERIC_WRITE;
if (aclbufp[i].a_perm & S_IXOTH)
allow |= FILE_GENERIC_EXECUTE;
if ((aclbufp[i].a_perm & (S_IWOTH | S_IXOTH)) == (S_IWOTH | S_IXOTH))
allow |= FILE_DELETE_CHILD;
/* Set inherit property. */
DWORD inheritance = (aclbufp[i].a_type & ACL_DEFAULT)
? INHERIT_ONLY : DONT_INHERIT;

3
winsup/cygwin/sec_helper.cc
View File

@ -44,6 +44,7 @@ SID_IDENTIFIER_AUTHORITY sid_auth[] = {
{SECURITY_NT_AUTHORITY}
};
cygsid well_known_null_sid ("S-1-0-0");
cygsid well_known_world_sid ("S-1-1-0");
cygsid well_known_local_sid ("S-1-2-0");
cygsid well_known_creator_owner_sid ("S-1-3-0");
@ -54,7 +55,7 @@ cygsid well_known_interactive_sid ("S-1-5-4");
cygsid well_known_service_sid ("S-1-5-6");
cygsid well_known_authenticated_users_sid ("S-1-5-11");
cygsid well_known_system_sid ("S-1-5-18");
cygsid well_known_admin_sid ("S-1-5-32-544");
cygsid well_known_admins_sid ("S-1-5-32-544");
char *
cygsid::string (char *nsidstr) const

77
winsup/cygwin/security.cc
View File

@ -456,7 +456,7 @@ get_group_sidlist (const char *logonserver, cygsidlist &grp_list,
if (usersid == well_known_system_sid)
{
grp_list += well_known_system_sid;
grp_list += well_known_admin_sid;
grp_list += well_known_admins_sid;
}
else
{
@ -626,10 +626,10 @@ get_dacl (PACL acl, cygsid usersid, cygsidlist &grp_list)
__seterrno ();
return FALSE;
}
if (grp_list.contains (well_known_admin_sid))
if (grp_list.contains (well_known_admins_sid))
{
if (!AddAccessAllowedAce(acl, ACL_REVISION, GENERIC_ALL,
well_known_admin_sid))
well_known_admins_sid))
{
__seterrno ();
return FALSE;
@ -1162,15 +1162,24 @@ get_nt_attribute (const char *file, int *attribute,
*flags |= S_IXOTH
| ((!(*anti & S_IXGRP)) ? S_IXGRP : 0)
| ((!(*anti & S_IXUSR)) ? S_IXUSR : 0);
/* Sticky bit for directories according to linux rules. */
if (!(ace->Mask & FILE_DELETE_CHILD)
&& S_ISDIR(*attribute)
&& !(*anti & S_ISVTX))
*flags |= S_ISVTX;
}
if ((*attribute & S_IFDIR) &&
(ace->Mask & (FILE_WRITE_DATA | FILE_EXECUTE | FILE_DELETE_CHILD))
== (FILE_WRITE_DATA | FILE_EXECUTE))
*flags |= S_ISVTX;
}
else if (ace_sid == well_known_null_sid)
{
/* Read SUID, SGID and VTX bits from NULL ACE. */
if (ace->Mask & FILE_READ_DATA)
*flags |= S_ISVTX;
if (ace->Mask & FILE_WRITE_DATA)
*flags |= S_ISGID;
if (ace->Mask & FILE_APPEND_DATA)
*flags |= S_ISUID;
}
}
*attribute &= ~(S_IRWXU|S_IRWXG|S_IRWXO|S_ISVTX);
*attribute &= ~(S_IRWXU | S_IRWXG | S_IRWXO | S_ISVTX | S_ISGID | S_ISUID);
*attribute |= allow;
*attribute &= ~deny;
syscall_printf ("file: %s %x, uid %d, gid %d", file, *attribute, uid, gid);
@ -1335,16 +1344,6 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
return NULL;
}
/*
* VTX bit may only be set if executable for `other' is set.
* For correct handling under WinNT, FILE_DELETE_CHILD has to
* be (un)set in each ACE.
*/
if (!(attribute & S_IXOTH))
attribute &= ~S_ISVTX;
if (!(attribute & S_IFDIR))
attribute |= S_ISVTX;
/* From here fill ACL. */
size_t acl_len = sizeof (ACL);
int ace_off = 0;
@ -1355,10 +1354,11 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
if (attribute & S_IRUSR)
owner_allow |= FILE_GENERIC_READ;
if (attribute & S_IWUSR)
owner_allow |= FILE_GENERIC_WRITE | DELETE;
owner_allow |= FILE_GENERIC_WRITE;
if (attribute & S_IXUSR)
owner_allow |= FILE_GENERIC_EXECUTE;
if (!(attribute & S_ISVTX))
if ((attribute & (S_IFDIR | S_IWUSR | S_IXUSR))
== (S_IFDIR | S_IWUSR | S_IXUSR))
owner_allow |= FILE_DELETE_CHILD;
/* Construct allow attribute for group. */
@ -1367,10 +1367,11 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
if (attribute & S_IRGRP)
group_allow |= FILE_GENERIC_READ;
if (attribute & S_IWGRP)
group_allow |= STANDARD_RIGHTS_WRITE | FILE_GENERIC_WRITE | DELETE;
group_allow |= STANDARD_RIGHTS_WRITE | FILE_GENERIC_WRITE;
if (attribute & S_IXGRP)
group_allow |= FILE_GENERIC_EXECUTE;
if (!(attribute & S_ISVTX))
if ((attribute & (S_IFDIR | S_IWGRP | S_IXGRP))
== (S_IFDIR | S_IWGRP | S_IXGRP))
group_allow |= FILE_DELETE_CHILD;
/* Construct allow attribute for everyone. */
@ -1379,12 +1380,26 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
if (attribute & S_IROTH)
other_allow |= FILE_GENERIC_READ;
if (attribute & S_IWOTH)
other_allow |= STANDARD_RIGHTS_WRITE | FILE_GENERIC_WRITE | DELETE;
other_allow |= STANDARD_RIGHTS_WRITE | FILE_GENERIC_WRITE;
if (attribute & S_IXOTH)
other_allow |= FILE_GENERIC_EXECUTE;
if (!(attribute & S_ISVTX))
if ((attribute & (S_IFDIR | S_IWOTH | S_IXOTH))
== (S_IFDIR | S_IWOTH | S_IXOTH)
&& !(attribute & S_ISVTX))
other_allow |= FILE_DELETE_CHILD;
/* Construct SUID, SGID and VTX bits in NULL ACE. */
DWORD null_allow = 0L;
if (attribute & (S_ISUID | S_ISGID | S_ISVTX))
{
if (attribute & S_ISUID)
null_allow |= FILE_APPEND_DATA;
if (attribute & S_ISGID)
null_allow |= FILE_WRITE_DATA;
if (attribute & S_ISVTX)
null_allow |= FILE_READ_DATA;
}
/* Construct deny attributes for owner and group. */
DWORD owner_deny = 0;
if (is_grp_member (uid, gid))
@ -1420,7 +1435,7 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
if (owner_deny
&& !add_access_denied_ace (acl, ace_off++, owner_deny,
owner_sid, acl_len, inherit))
return NULL;
return NULL;
/* Set allow ACE for owner. */
if (!add_access_allowed_ace (acl, ace_off++, owner_allow,
owner_sid, acl_len, inherit))
@ -1429,7 +1444,7 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
if (group_deny
&& !add_access_denied_ace (acl, ace_off++, group_deny,
group_sid, acl_len, inherit))
return NULL;
return NULL;
/* Set allow ACE for group. */
if (!add_access_allowed_ace (acl, ace_off++, group_allow,
group_sid, acl_len, inherit))
@ -1439,6 +1454,11 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
if (!add_access_allowed_ace (acl, ace_off++, other_allow,
well_known_world_sid, acl_len, inherit))
return NULL;
/* Set null ACE for special bits. */
if (null_allow
&& !add_access_allowed_ace (acl, ace_off++, null_allow,
well_known_null_sid, acl_len, inherit))
return NULL;
/* Get owner and group from current security descriptor. */
PSID cur_owner_sid = NULL;
@ -1463,7 +1483,8 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
|| (owner_sid && ace_sid == owner_sid)
|| (cur_group_sid && ace_sid == cur_group_sid)
|| (group_sid && ace_sid == group_sid)
|| (ace_sid == well_known_world_sid))
|| (ace_sid == well_known_world_sid)
|| (ace_sid == well_known_null_sid))
continue;
/*
* Add unrelated ACCESS_DENIED_ACE to the beginning but

3
winsup/cygwin/security.h
View File

@ -131,6 +131,7 @@ public:
}
};
extern cygsid well_known_null_sid;
extern cygsid well_known_world_sid;
extern cygsid well_known_local_sid;
extern cygsid well_known_creator_owner_sid;
@ -141,7 +142,7 @@ extern cygsid well_known_interactive_sid;
extern cygsid well_known_service_sid;
extern cygsid well_known_authenticated_users_sid;
extern cygsid well_known_system_sid;
extern cygsid well_known_admin_sid;
extern cygsid well_known_admins_sid;
inline BOOL
legal_sid_type (SID_NAME_USE type)

4
winsup/cygwin/shared.cc
View File

@ -249,7 +249,7 @@ sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
size_t acl_len = sizeof (ACL)
+ 4 * (sizeof (ACCESS_ALLOWED_ACE) - sizeof (DWORD))
+ GetLengthSid (sid)
+ GetLengthSid (well_known_admin_sid)
+ GetLengthSid (well_known_admins_sid)
+ GetLengthSid (well_known_system_sid)
+ GetLengthSid (well_known_creator_owner_sid);
if (sid2)
@ -266,7 +266,7 @@ sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
if (! AddAccessAllowedAce (acl, ACL_REVISION,
SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL,
well_known_admin_sid))
well_known_admins_sid))
debug_printf ("AddAccessAllowedAce(admin) %E");
if (! AddAccessAllowedAce (acl, ACL_REVISION,