Mapping of access rights (advapi32/service)
Paul Vriens
paul.vriens.wine at gmail.com
Mon Jul 9 09:08:06 CDT 2007
Vitaliy Margolen wrote:
> Paul Vriens wrote:
>> Hi,
>>
>> While adding some more tests I've found that we lack mapping between
>> some generic access rights and specific service access rights.
>>
>> An example is GENERIC_ALL that should map to SC_MANAGER_ALL_ACCESS.
>> Should this mapping be done in advapi32/service.c? Would it be OK to
> All mappings like that are performed in the server. But since these
> handles are maintained in the advapi then they should be mapped there as
> well.
>
>> create a specific function that does this mapping/translation? The
>> functions makes senses as we have several functions that need this
>> mapping.
> You can use RtlMapGenericMask() for this. Or just create a function like
> what server has.
>
> Vitaliy.
>
>
>
>
Hi Vitaliy,
Something like the attached? (Don't know if the cast is needed).
Cheers,
Paul.
-------------- next part --------------
diff --git a/dlls/advapi32/service.c b/dlls/advapi32/service.c
index 9fc351f..3b28f5e 100644
--- a/dlls/advapi32/service.c
+++ b/dlls/advapi32/service.c
@@ -45,6 +45,13 @@ static const WCHAR szServiceManagerKey[] = { 'S','y','s','t','e','m','\\',
static const WCHAR szSCMLock[] = {'A','D','V','A','P','I','_','S','C','M',
'L','O','C','K',0};
+static const GENERIC_MAPPING scm_generic = {
+ (STANDARD_RIGHTS_READ | SC_MANAGER_ENUMERATE_SERVICE | SC_MANAGER_QUERY_LOCK_STATUS),
+ (STANDARD_RIGHTS_WRITE | SC_MANAGER_CREATE_SERVICE | SC_MANAGER_MODIFY_BOOT_CONFIG),
+ (STANDARD_RIGHTS_EXECUTE | SC_MANAGER_CONNECT | SC_MANAGER_LOCK),
+ SC_MANAGER_ALL_ACCESS
+};
+
typedef struct service_start_info_t
{
DWORD cmd;
@@ -1041,6 +1048,7 @@ SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName,
struct sc_manager *manager;
HKEY hReg;
LONG r;
+ ACCESS_MASK mask = (ACCESS_MASK)dwDesiredAccess;
TRACE("(%s,%s,0x%08x)\n", debugstr_w(lpMachineName),
debugstr_w(lpDatabaseName), dwDesiredAccess);
@@ -1077,8 +1085,9 @@ SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName,
if (r!=ERROR_SUCCESS)
goto error;
- manager->dwAccess = dwDesiredAccess;
- TRACE("returning %p\n", manager);
+ RtlMapGenericMask(&mask, &scm_generic);
+ manager->dwAccess = mask;
+ TRACE("returning %p (new access mask : 0x%08x)\n", manager, manager->dwAccess);
return (SC_HANDLE) &manager->hdr;
More information about the wine-devel
mailing list