Mapping of access rights (advapi32/service)

Paul Vriens paul.vriens.wine at gmail.com
Mon Jul 9 09:08:06 CDT 2007


Vitaliy Margolen wrote:
> Paul Vriens wrote:
>> Hi,
>>
>> While adding some more tests I've found that we lack mapping between 
>> some generic access rights and specific service access rights.
>>
>> An example is GENERIC_ALL that should map to SC_MANAGER_ALL_ACCESS. 
>> Should this mapping be done in advapi32/service.c? Would it be OK to 
> All mappings like that are performed in the server. But since these 
> handles are maintained in the advapi then they should be mapped there as 
> well.
> 
>> create a specific function that does this mapping/translation? The 
>> functions makes senses as we have several functions that need this 
>> mapping.
> You can use RtlMapGenericMask() for this. Or just create a function like 
> what server has.
> 
> Vitaliy.
> 
> 
> 
> 
Hi Vitaliy,

Something like the attached? (Don't know if the cast is needed).

Cheers,

Paul.



-------------- next part --------------
diff --git a/dlls/advapi32/service.c b/dlls/advapi32/service.c
index 9fc351f..3b28f5e 100644
--- a/dlls/advapi32/service.c
+++ b/dlls/advapi32/service.c
@@ -45,6 +45,13 @@ static const WCHAR szServiceManagerKey[] = { 'S','y','s','t','e','m','\\',
 static const WCHAR  szSCMLock[] = {'A','D','V','A','P','I','_','S','C','M',
                                    'L','O','C','K',0};
 
+static const GENERIC_MAPPING scm_generic = {
+    (STANDARD_RIGHTS_READ | SC_MANAGER_ENUMERATE_SERVICE | SC_MANAGER_QUERY_LOCK_STATUS),
+    (STANDARD_RIGHTS_WRITE | SC_MANAGER_CREATE_SERVICE | SC_MANAGER_MODIFY_BOOT_CONFIG),
+    (STANDARD_RIGHTS_EXECUTE | SC_MANAGER_CONNECT | SC_MANAGER_LOCK),
+    SC_MANAGER_ALL_ACCESS
+};
+
 typedef struct service_start_info_t
 {
     DWORD cmd;
@@ -1041,6 +1048,7 @@ SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName,
     struct sc_manager *manager;
     HKEY hReg;
     LONG r;
+    ACCESS_MASK mask = (ACCESS_MASK)dwDesiredAccess;
 
     TRACE("(%s,%s,0x%08x)\n", debugstr_w(lpMachineName),
           debugstr_w(lpDatabaseName), dwDesiredAccess);
@@ -1077,8 +1085,9 @@ SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName,
     if (r!=ERROR_SUCCESS)
         goto error;
 
-    manager->dwAccess = dwDesiredAccess;
-    TRACE("returning %p\n", manager);
+    RtlMapGenericMask(&mask, &scm_generic);
+    manager->dwAccess = mask;
+    TRACE("returning %p (new access mask : 0x%08x)\n", manager, manager->dwAccess);
 
     return (SC_HANDLE) &manager->hdr;
 



More information about the wine-devel mailing list