From: Jinoh Kang jinoh.kang.kr@gmail.com
Also use domain_users_sid for the default DACL, since Wine currently chooses domain_users_sid as the current token owner. --- dlls/advapi32/tests/security.c | 1 - server/change.c | 2 +- server/file.c | 4 ++-- server/object.c | 2 +- server/security.h | 2 +- server/token.c | 6 +++--- 6 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c index d1e9c00c154..7795b0c462b 100644 --- a/dlls/advapi32/tests/security.c +++ b/dlls/advapi32/tests/security.c @@ -6364,7 +6364,6 @@ static void test_default_dacl_owner_group_sid(void) ok( ret, "error %lu\n", GetLastError() ); ok( owner != (void *)0xdeadbeef, "owner not set\n" ); ok( !defaulted, "owner defaulted\n" ); - todo_wine ok( EqualSid( owner, token_owner->Owner ), "owner shall equal token owner\n" );
group = (void *)0xdeadbeef; diff --git a/server/change.c b/server/change.c index 6477b457f74..7a806abc017 100644 --- a/server/change.c +++ b/server/change.c @@ -391,7 +391,7 @@ static int dir_set_sd( struct object *obj, const struct security_descriptor *sd, else if (obj->sd) owner = sd_get_owner( obj->sd ); else - owner = token_get_user( current->process->token ); + owner = token_get_owner( current->process->token );
if (set_info & DACL_SECURITY_INFORMATION) { diff --git a/server/file.c b/server/file.c index eb2dc5696ed..76c687833c9 100644 --- a/server/file.c +++ b/server/file.c @@ -245,7 +245,7 @@ static struct object *create_file( struct fd *root, const char *nameptr, data_si { const struct sid *owner = sd_get_owner( sd ); if (!owner) - owner = token_get_user( current->process->token ); + owner = token_get_owner( current->process->token ); mode = sd_to_mode( sd, owner ); } else if (options & FILE_DIRECTORY_FILE) @@ -528,7 +528,7 @@ static int file_set_sd( struct object *obj, const struct security_descriptor *sd else if (obj->sd) owner = sd_get_owner( obj->sd ); else - owner = token_get_user( current->process->token ); + owner = token_get_owner( current->process->token );
/* group and sacl not supported */
diff --git a/server/object.c b/server/object.c index 333f9e7b5d6..89e541ffb6b 100644 --- a/server/object.c +++ b/server/object.c @@ -574,7 +574,7 @@ int set_sd_defaults_from_token( struct object *obj, const struct security_descri } else if (token) { - owner = token_get_user( token ); + owner = token_get_owner( token ); new_sd.owner_len = sid_len( owner ); } else new_sd.owner_len = 0; diff --git a/server/security.h b/server/security.h index fa91b81b77c..58ab1594eae 100644 --- a/server/security.h +++ b/server/security.h @@ -73,7 +73,7 @@ extern int token_check_privileges( struct token *token, int all_required, const struct luid_attr *reqprivs, unsigned int count, struct luid_attr *usedprivs ); extern const struct acl *token_get_default_dacl( struct token *token ); -extern const struct sid *token_get_user( struct token *token ); +extern const struct sid *token_get_owner( struct token *token ); extern const struct sid *token_get_primary_group( struct token *token ); extern unsigned int token_get_session_id( struct token *token ); extern int token_sid_present( struct token *token, const struct sid *sid, int deny ); diff --git a/server/token.c b/server/token.c index f817c1114f8..99f5e36e279 100644 --- a/server/token.c +++ b/server/token.c @@ -732,7 +732,7 @@ struct token *token_create_admin( unsigned primary, int impersonation_level, int /* on Windows, this value changes every time the user logs on */ struct sid logon_sid = { SID_REVISION, 3, SECURITY_NT_AUTHORITY, { SECURITY_LOGON_IDS_RID, 0, 0 /* FIXME: should be randomly generated when tokens are inherited by new processes */ }}; const struct sid *user_sid = security_unix_uid_to_sid( getuid() ); - struct acl *default_dacl = create_default_dacl( user_sid ); + struct acl *default_dacl = create_default_dacl( &domain_users_sid ); const struct luid_attr admin_privs[] = { { SeChangeNotifyPrivilege, SE_PRIVILEGE_ENABLED }, @@ -1044,9 +1044,9 @@ const struct acl *token_get_default_dacl( struct token *token ) return token->default_dacl; }
-const struct sid *token_get_user( struct token *token ) +const struct sid *token_get_owner( struct token *token ) { - return token->user; + return token->owner; }
const struct sid *token_get_primary_group( struct token *token )