[RFC] Handle process token groups in server/file.c::sd_to_mode
Ben Peddell
klightspeed at netspace.net.au
Mon Nov 16 09:41:04 CST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This proposed patch (which I believe will contribute toward solving bugs
17672, 19588 and 20643, and any others where the permissions are set too
restrictive) exposes the token_sid_present call in token.c,
and uses it to check the SIDs in the security descriptor against those
in the process token.
Are there any changes anyone can think of before I submit it to
wine-patches?
Is there a better (already exposed) way of checking a SID against the
process token's group list?
- ----
server/file.c | 6 ++++--
server/security.h | 1 +
server/token.c | 2 +-
3 files changed, 6 insertions(+), 3 deletions(-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAksBcpAACgkQTHDAI68Nsuny6ACfXu3vvWS6O27Z/mfozb4e/ZMG
MYQAoItP8P75a3l54TYrLnQbk7lNyaaQ
=7QsU
-----END PGP SIGNATURE-----
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: wine-sd_to_mode-group-check.patch
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20091117/cb5b4050/attachment.txt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wine-sd_to_mode-group-check.patch.sig
Type: application/octet-stream
Size: 72 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20091117/cb5b4050/attachment.obj>
More information about the wine-devel
mailing list