Vitaliy Margolen wrote:
Paul Vriens wrote:
Hi,
While adding some more tests I've found that we lack mapping between some generic access rights and specific service access rights.
An example is GENERIC_ALL that should map to SC_MANAGER_ALL_ACCESS. Should this mapping be done in advapi32/service.c? Would it be OK to
All mappings like that are performed in the server. But since these handles are maintained in the advapi then they should be mapped there as well.
create a specific function that does this mapping/translation? The functions makes senses as we have several functions that need this mapping.
You can use RtlMapGenericMask() for this. Or just create a function like what server has.
Vitaliy.
Hi Vitaliy,
Something like the attached? (Don't know if the cast is needed).
Cheers,
Paul.
diff --git a/dlls/advapi32/service.c b/dlls/advapi32/service.c index 9fc351f..3b28f5e 100644 --- a/dlls/advapi32/service.c +++ b/dlls/advapi32/service.c @@ -45,6 +45,13 @@ static const WCHAR szServiceManagerKey[] = { 'S','y','s','t','e','m','\', static const WCHAR szSCMLock[] = {'A','D','V','A','P','I','_','S','C','M', 'L','O','C','K',0};
+static const GENERIC_MAPPING scm_generic = { + (STANDARD_RIGHTS_READ | SC_MANAGER_ENUMERATE_SERVICE | SC_MANAGER_QUERY_LOCK_STATUS), + (STANDARD_RIGHTS_WRITE | SC_MANAGER_CREATE_SERVICE | SC_MANAGER_MODIFY_BOOT_CONFIG), + (STANDARD_RIGHTS_EXECUTE | SC_MANAGER_CONNECT | SC_MANAGER_LOCK), + SC_MANAGER_ALL_ACCESS +}; + typedef struct service_start_info_t { DWORD cmd; @@ -1041,6 +1048,7 @@ SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName, struct sc_manager *manager; HKEY hReg; LONG r; + ACCESS_MASK mask = (ACCESS_MASK)dwDesiredAccess;
TRACE("(%s,%s,0x%08x)\n", debugstr_w(lpMachineName), debugstr_w(lpDatabaseName), dwDesiredAccess); @@ -1077,8 +1085,9 @@ SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName, if (r!=ERROR_SUCCESS) goto error;
- manager->dwAccess = dwDesiredAccess; - TRACE("returning %p\n", manager); + RtlMapGenericMask(&mask, &scm_generic); + manager->dwAccess = mask; + TRACE("returning %p (new access mask : 0x%08x)\n", manager, manager->dwAccess);
return (SC_HANDLE) &manager->hdr;