Dmitry Timoshkov dmitry@baikal.ru writes:
Alexandre Julliard julliard@winehq.org wrote:
Dmitry Timoshkov dmitry@baikal.ru writes:
@@ -482,6 +482,17 @@ struct object *get_handle_obj( struct process *process, obj_handle_t handle, set_error( STATUS_OBJECT_TYPE_MISMATCH ); /* not the right type */ return NULL; }
if (access & (READ_CONTROL | WRITE_DAC)){const struct security_descriptor *sd = obj->ops->get_sd( obj );if (sd){struct token *token = current->token ? current->token : current->process->token;const SID *owner = sd_get_owner( sd );if (token_sid_present( token, owner, FALSE ))access &= ~(READ_CONTROL | WRITE_DAC);}}That seems very ad-hoc. It would need more convincing tests.
What kind of test would be more convincing for you? Even if the tests in 1/2 are not enough it's still a good start, and why not accept them while anticipating more tests?
I'd like to see tests for various object types, various types of security descriptors and tokens, and other security bits. Adding something like that in get_handle_obj() is going to affect everything, so it needs extensive tests.