[PATCH 1/2] server: Add default security descriptor ownership for processes.

Mon Apr 22 12:31:52 CDT 2019

On Mon, Apr 22, 2019 at 11:13 AM Alexandre Julliard <julliard at winehq.org> wrote:
>
> Vijay Kiran Kamuju <infyquest at gmail.com> writes:
>
> > +static struct security_descriptor *process_get_sd( struct object *obj )
> > +{
> > +    static struct security_descriptor *key_default_sd;
> > +
> > +    if (obj->sd) return obj->sd;
> > +
> > +    if (!key_default_sd)
> > +    {
> > +        size_t users_sid_len = security_sid_len( security_domain_users_sid );
> > +        size_t admins_sid_len = security_sid_len( security_builtin_admins_sid );
> > +
> > +        key_default_sd = mem_alloc( sizeof(*key_default_sd) + admins_sid_len + users_sid_len  );
> > +        key_default_sd->control   = SE_DACL_PRESENT;
> > +        key_default_sd->owner_len = admins_sid_len;
> > +        key_default_sd->group_len = users_sid_len;
> > +        key_default_sd->sacl_len  = 0;
> > +        key_default_sd->dacl_len  = 0;
> > +        memcpy( key_default_sd + 1, security_builtin_admins_sid, admins_sid_len );
> > +        memcpy( (char *)(key_default_sd + 1) + admins_sid_len, security_domain_users_sid, users_sid_len );
> > +    }
> > +    return key_default_sd;
>
> key_default_sd is clearly not the appropriate name here.

Sorry about that, I clearly started with the registry example
(key_get_sd).  Would you prefer process_default_sd or just default_sd?

Best,
Erich