kernel32: Specify the access rights when creating a file object.

[Dmitry Timoshkov]

Alexandre Julliard <julliard at winehq.org> wrote:

> > While investigating how to fix the file section access tests in kernel32 I've
> > found that some places in Wine deliberately create objects with access rights
> > set to 0, that leads to creation of potentially not accessible objects.
> 
> Many of these are deliberate. You'll need test cases to show that you
> can require more permissions.

In the most cases these patches just add the access rights appropriate for
particular calls instead of assuming some default ones, that should be a good
thing to do from a security point of view. Test cases are needed, but only
to figure out what actual default permissions are provided for 0 access, and
for file sections the test already exists and shows that defaults access is 0
and a not accessible object as a result. Creating objects with access rights
set to 0 should not be used, and considered a bad practice in general IMO.

-- 
Dmitry.