From mt...@apache.org
Subject svn commit: r812189 - in /commons/sandbox/runtime/trunk/src/main/native: include/arch/windows/acr_arch_private.h os/win32/mutex.c os/win32/platform.c os/win32/sema.c os/win32/shm.c os/win32/temps.c os/win32/wusec.c
Date Mon, 07 Sep 2009 15:23:11 GMT
Author: mturk
Date: Mon Sep  7 15:23:11 2009
New Revision: 812189

URL: http://svn.apache.org/viewvc?rev=812189&view=rev
Log:
Implement win32 object security setters

Modified:
    commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
    commons/sandbox/runtime/trunk/src/main/native/os/win32/mutex.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/sema.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c

Modified: commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h?rev=812189&r1=812188&r2=812189&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
(original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
Mon Sep  7 15:23:11 2009
@@ -124,7 +124,7 @@
 DWORD        ACR_EnablePrivilege(LPCWSTR szPrivilege);
 PSID         ACR_DuplicateSid(JNIEnv *_E, PSID sSID);
 int          ACR_InitSecurityDescriptorTable(JNIEnv *);
-LPVOID       ACR_GetSecurityDescriptor(JNIEnv *, DWORD, DWORD);
+LPVOID       ACR_GetSecurityDescriptor(JNIEnv *, DWORD, DWORD, DWORD);
 DWORD        ACR_SetSecurityInfoD(HANDLE, SE_OBJECT_TYPE, PSID, PSID, LPVOID);
 
 /**
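Review bot: The updated prototype of ACR_GetSecurityDescriptor leaves its three consecutive DWORD masks unnamed, so a caller that passes them in the wrong order compiles without a warning and silently grants the wrong scope. The definition in wusec.c names them, and the prototype could carry the same names: `LPVOID ACR_GetSecurityDescriptor(JNIEnv *_E, DWORD dwAdminAccessMask, DWORD dwGroupAccessMask, DWORD dwUsersAccessMask);`. A one-line comment stating that a zero mask omits that ACE would also help; the definition shows this for the group and users masks.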

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/mutex.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/mutex.c?rev=812189&r1=812188&r2=812189&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/mutex.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/mutex.c Mon Sep  7 15:23:11 2009
@@ -19,6 +19,7 @@
 #include "acr_arch.h"
 #include "acr_clazz.h"
 #include "acr_error.h"
+#include "acr_file.h"
 #include "acr_memory.h"
 #include "acr_string.h"
 #include "acr_descriptor.h"
@@ -37,6 +38,32 @@
     "(L" ACR_CLASS_PATH "Descriptor;)V"
 };
 
+/* Left bit shifts from World scope to given scope */
+typedef enum prot_scope_e {
+    prot_scope_world = 0,
+    prot_scope_group = 4,
+    prot_scope_user =  8
+} prot_scope_e;
+
+static ACCESS_MASK convert_acc(int prot, prot_scope_e scope)
+{
+    /* These choices are based on the single filesystem bit that controls
+     * the given behavior.  They are -not- recommended for any set protection
+     * function, such a function should -set- use GENERIC_READ/WRITE/EXECUTE
+     */
+    ACCESS_MASK acc = 0;
+    prot = (prot >> scope) & 0x0F;
+    if (prot & ACR_FPROT_WEXECUTE)
+        acc = GENERIC_ALL | MUTEX_ALL_ACCESS;
+    else {
+        if (prot & ACR_FPROT_WWRITE)
+            acc |= GENERIC_WRITE | MUTEX_MODIFY_STATE;
+        if (prot & ACR_FPROT_WREAD)
+            acc |= GENERIC_READ;
+    }
+    return acc;
+}
+
 static int mutex_cleanup(void *mutex, int type, unsigned int flags)
 {
     if (type == ACR_DT_MUTEX) {
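Review bot: In convert_acc the execute bit maps to `GENERIC_ALL | MUTEX_ALL_ACCESS`, and MUTEX_ALL_ACCESS includes WRITE_DAC and WRITE_OWNER, so any scope given only "execute" in `perms` can rewrite the object's DACL or take ownership. If full control is not intended, accumulate a narrower right instead, for example `if (prot & ACR_FPROT_WEXECUTE) acc |= GENERIC_EXECUTE;`, and drop the `else` so the read and write bits still apply. The copies added in sema.c and shm.c have the same mapping with SEMAPHORE_ALL_ACCESS and FILE_MAP_ALL_ACCESS. The comment above the enum says "Left bit shifts" while the code shifts right, and the text advising against use in a "set protection function" contradicts the helper's use from the PermSet functions; both should be reworded. mutex_cleanup's body continues outside the hunk.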
@@ -75,6 +102,7 @@
     sa.nLength = sizeof(SECURITY_ATTRIBUTES);
     sa.lpSecurityDescriptor = ACR_GetSecurityDescriptor(_E,
                                                 GENERIC_ALL | MUTEX_ALL_ACCESS,
+                                                GENERIC_ALL | MUTEX_ALL_ACCESS,
                                                 GENERIC_READ | GENERIC_WRITE | MUTEX_MODIFY_STATE);
     sa.bInheritHandle = FALSE;
     m = CreateMutexW(&sa, FALSE, reskey);
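Review bot: The new group argument repeats the admin mask, `GENERIC_ALL | MUTEX_ALL_ACCESS`, and wusec.c turns any non-zero group mask into an allow ACE for the `CG` (creator group) SID, so the creator's group now receives full control, including the right to change the DACL. The same duplication is made at the call sites in platform.c, sema.c, shm.c and temps.c; in temps.c the comment above the call still says access is limited to the owner and the Administrators group. If the intent of this commit is only to add the parameter, passing `0` for the group mask keeps the previous descriptors, since a zero mask adds no ACE. How `CG` resolves on an explicitly supplied descriptor is not visible here and should be confirmed. The enclosing function starts and ends outside the hunk.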
@@ -200,6 +228,8 @@
 ACR_DECLARE(int) ACR_ProcMutexPermSet(JNIEnv *_E, int mutex, int perms,
                                       acr_uid_t uid, acr_uid_t gid)
 {
+    DWORD  rc;
+    LPVOID sd;
     HANDLE m = (HANDLE)ACR_IOH_FDATA(mutex);
 
     if (ACR_IOH_FTYPE(mutex) != ACR_DT_MUTEX) {
@@ -208,7 +238,17 @@
     if (IS_INVALID_HANDLE(m)) {
         return ACR_EBADF;
     }
-    return ACR_ENOTIMPL;
+    sd = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
+                                   convert_acc(perms, prot_scope_user),
+                                   convert_acc(perms, prot_scope_group),
+                                   convert_acc(perms, prot_scope_world));
+    if (sd == NULL) {
+        /* Return the error from GetSecurityDescriptor */
+        return ACR_GET_OS_ERROR();
+    }
+    rc = ACR_SetSecurityInfoD(m, SE_KERNEL_OBJECT, uid, gid, sd);
+    
+    return rc;
 }
 
 ACR_DECLARE(int) ACR_ProcMutexClose(JNIEnv *_E, int mutex)
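Review bot: ACR_ProcMutexPermSet passes the owner bits of `perms` as the first mask, which wusec.c names `dwAdminAccessMask`, and the world bits as `dwUsersAccessMask`, so the caller's "user" permissions appear to land on the administrative ACEs rather than on `uid`. The part of ACR_GetSecurityDescriptor that builds those ACEs is outside this diff, so this needs confirming, but as written a mode with no owner bits would pass 0 for the admin mask. `uid` and `gid` are also handed to ACR_SetSecurityInfoD in its PSID parameters; a comment stating that acr_uid_t is a SID pointer here (if it is) would make that safe to read. ACR_SemaphorePermSet and ACR_ShmPermSet follow the same pattern.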

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c?rev=812189&r1=812188&r2=812189&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c Mon Sep  7 15:23:11
2009
@@ -66,10 +66,12 @@
     /* All file access to Admins */
     ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
                               GENERIC_ALL | FILE_ALL_ACCESS,
+                              GENERIC_ALL | FILE_ALL_ACCESS,
                               0);
     /* RWX file access to Authenticated users */
     ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
                               GENERIC_ALL | FILE_ALL_ACCESS,
+                              GENERIC_ALL | FILE_ALL_ACCESS,
                               GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE |
                               FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE);
     return acr_ioh_init(ios);

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/sema.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/sema.c?rev=812189&r1=812188&r2=812189&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/sema.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/sema.c Mon Sep  7 15:23:11 2009
@@ -19,6 +19,7 @@
 #include "acr_arch.h"
 #include "acr_clazz.h"
 #include "acr_error.h"
+#include "acr_file.h"
 #include "acr_memory.h"
 #include "acr_string.h"
 #include "acr_descriptor.h"
@@ -37,6 +38,32 @@
     "(L" ACR_CLASS_PATH "Descriptor;)V"
 };
 
+/* Left bit shifts from World scope to given scope */
+typedef enum prot_scope_e {
+    prot_scope_world = 0,
+    prot_scope_group = 4,
+    prot_scope_user =  8
+} prot_scope_e;
+
+static ACCESS_MASK convert_acc(int prot, prot_scope_e scope)
+{
+    /* These choices are based on the single filesystem bit that controls
+     * the given behavior.  They are -not- recommended for any set protection
+     * function, such a function should -set- use GENERIC_READ/WRITE/EXECUTE
+     */
+    ACCESS_MASK acc = 0;
+    prot = (prot >> scope) & 0x0F;
+    if (prot & ACR_FPROT_WEXECUTE)
+        acc = GENERIC_ALL | SEMAPHORE_ALL_ACCESS;
+    else {
+        if (prot & ACR_FPROT_WWRITE)
+            acc |= GENERIC_WRITE | SEMAPHORE_MODIFY_STATE;
+        if (prot & ACR_FPROT_WREAD)
+            acc |= GENERIC_READ;
+    }
+    return acc;
+}
+
 static int semaphore_cleanup(void *sema, int type, unsigned int flags)
 {
     if (type == ACR_DT_SEMAPHORE) {
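Review bot: This is a second copy of `prot_scope_e` and `convert_acc` (mutex.c and shm.c carry the others), differing only in the object-specific constants, so a fix to the permission mapping has to be made three times and the copies can drift apart. A single shared helper that takes the object-specific masks as parameters would keep the mapping in one place, e.g. `ACCESS_MASK convert_acc(int prot, prot_scope_e scope, ACCESS_MASK all, ACCESS_MASK rd, ACCESS_MASK wr);`. semaphore_cleanup's body continues outside the hunk.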
@@ -83,6 +110,7 @@
     sa.nLength = sizeof(SECURITY_ATTRIBUTES);
     sa.lpSecurityDescriptor = ACR_GetSecurityDescriptor(_E,
                                             GENERIC_ALL | SEMAPHORE_ALL_ACCESS,
+                                            GENERIC_ALL | SEMAPHORE_ALL_ACCESS,
                                             GENERIC_READ | GENERIC_WRITE | SEMAPHORE_MODIFY_STATE);
     sa.bInheritHandle = FALSE;
     s = CreateSemaphoreW(&sa, (LONG)value, (LONG)maxval, reskey);
@@ -136,7 +164,8 @@
 ACR_DECLARE(int) ACR_SemaphorePermSet(JNIEnv *_E, int sema, int perms,
                                       acr_uid_t uid, acr_uid_t gid)
 {
-    int rc = 0;
+    DWORD  rc;
+    LPVOID sd;
     HANDLE s = (HANDLE)ACR_IOH_FDATA(sema);
 
     if (ACR_IOH_FTYPE(sema) != ACR_DT_SEMAPHORE) {
@@ -145,8 +174,17 @@
     if (IS_INVALID_HANDLE(s)) {
         return ACR_EBADF;
     }
+    sd = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
+                                   convert_acc(perms, prot_scope_user),
+                                   convert_acc(perms, prot_scope_group),
+                                   convert_acc(perms, prot_scope_world));
+    if (sd == NULL) {
+        /* Return the error from GetSecurityDescriptor */
+        return ACR_GET_OS_ERROR();
+    }
+    rc = ACR_SetSecurityInfoD(s, SE_KERNEL_OBJECT, uid, gid, sd);
 
-    return ACR_ENOTIMPL;
+    return rc;
 }
 
 ACR_DECLARE(int) ACR_SemaphoreWait(JNIEnv *_E, int sema)

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c?rev=812189&r1=812188&r2=812189&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c Mon Sep  7 15:23:11 2009
@@ -19,6 +19,7 @@
 #include "acr_arch.h"
 #include "acr_clazz.h"
 #include "acr_error.h"
+#include "acr_file.h"
 #include "acr_memory.h"
 #include "acr_string.h"
 #include "acr_descriptor.h"
@@ -56,6 +57,32 @@
     const wchar_t  *filename;
 };
 
+/* Left bit shifts from World scope to given scope */
+typedef enum prot_scope_e {
+    prot_scope_world = 0,
+    prot_scope_group = 4,
+    prot_scope_user =  8
+} prot_scope_e;
+
+static ACCESS_MASK convert_acc(int prot, prot_scope_e scope)
+{
+    /* These choices are based on the single filesystem bit that controls
+     * the given behavior.  They are -not- recommended for any set protection
+     * function, such a function should -set- use GENERIC_READ/WRITE/EXECUTE
+     */
+    ACCESS_MASK acc = 0;
+    prot = (prot >> scope) & 0x0F;
+    if (prot & ACR_FPROT_WEXECUTE)
+        acc = GENERIC_ALL | FILE_MAP_ALL_ACCESS;
+    else {
+        if (prot & ACR_FPROT_WWRITE)
+            acc |= GENERIC_WRITE | FILE_MAP_WRITE;
+        if (prot & ACR_FPROT_WREAD)
+            acc |= GENERIC_READ | FILE_MAP_READ;
+    }
+    return acc;
+}
+
 static int shm_cleanup(void *shm, int type, unsigned int flags)
 {
     int rc = 0;
@@ -163,6 +190,7 @@
         sa.nLength = sizeof(SECURITY_ATTRIBUTES);
         sa.lpSecurityDescriptor = ACR_GetSecurityDescriptor(_E,
                                                 GENERIC_ALL | FILE_ALL_ACCESS,
+                                                GENERIC_ALL | FILE_ALL_ACCESS,
                                                 0);
         sa.bInheritHandle = FALSE;
         /* Do file backed, which is not an inherited handle
@@ -336,7 +364,8 @@
 ACR_DECLARE(int) ACR_ShmPermSet(JNIEnv *_E, int shm, int perms,
                                 acr_uid_t uid, acr_uid_t gid)
 {
-    int rc = 0;
+    DWORD  rc = 0;
+    LPVOID sd;
     acr_shm_t *m = (acr_shm_t *)ACR_IOH_FDATA(shm);
 
     if (ACR_IOH_FTYPE(shm) != ACR_DT_SHM) {
@@ -348,6 +377,16 @@
         goto finally;
     }
 
+    sd = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
+                                   convert_acc(perms, prot_scope_user),
+                                   convert_acc(perms, prot_scope_group),
+                                   convert_acc(perms, prot_scope_world));
+    if (sd == NULL) {
+        rc = ACR_GET_OS_ERROR();
+        goto finally;
+    }
+    rc = ACR_SetSecurityInfoD(m, SE_KERNEL_OBJECT, uid, gid, sd);
+
 finally:
     ACR_THROW_IO_IF_ERR(rc);
     return rc;
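Review bot: The call `ACR_SetSecurityInfoD(m, SE_KERNEL_OBJECT, uid, gid, sd)` passes `m`, which is the `acr_shm_t *` read from ACR_IOH_FDATA, where the prototype expects a HANDLE; because HANDLE is a void pointer this compiles, but the security info is applied to the struct's address rather than to the mapping or file handle. Pass the handle member of `acr_shm_t` instead (its name is not visible in this diff). For a file-backed segment SE_KERNEL_OBJECT may also be the wrong object type, which should be checked against how the segment was created. ACR_ShmPermSet starts outside the hunk.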

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c?rev=812189&r1=812188&r2=812189&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c Mon Sep  7 15:23:11 2009
@@ -118,6 +118,7 @@
     /* Allow access only to owner and Administrators Group */
     sa.lpSecurityDescriptor = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
                                                 GENERIC_ALL | FILE_ALL_ACCESS,
+                                                GENERIC_ALL | FILE_ALL_ACCESS,
                                                 0);
     sa.bInheritHandle       = FALSE;
     for (;;) {

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c?rev=812189&r1=812188&r2=812189&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c Mon Sep  7 15:23:11 2009
@@ -316,8 +316,10 @@
 
 LPVOID ACR_GetSecurityDescriptor(JNIEnv *_E,
                                  DWORD dwAdminAccessMask,
+                                 DWORD dwGroupAccessMask,
                                  DWORD dwUsersAccessMask)
 {
+    int  rc = 0;
     char sdd[ACR_MBUFF_SIZ];
     char saa[32] = "";
     PSECURITY_DESCRIPTOR pSD = NULL;
@@ -341,6 +343,12 @@
     strcat(sdd, saa);
     strcat(sdd, ";;;SU)");
 
+    if (dwGroupAccessMask) {
+        sprintf(saa, "(A;OICI;0x%08x", dwGroupAccessMask);
+        /* Authenticated users */
+        strcat(sdd, saa);
+        strcat(sdd, ";;;CG)");
+    }
     if (dwUsersAccessMask) {
         sprintf(saa, "(A;OICI;0x%08x", dwUsersAccessMask);
         /* Authenticated users */
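Review bot: The comment inside the new `if (dwGroupAccessMask)` block says "Authenticated users", but the ACE is written for `CG`, the creator group SID; it was copied from the users block below and should read `/* Creator group */`. Each added ACE is appended with `sprintf`/`strcat` into the fixed `sdd[ACR_MBUFF_SIZ]` buffer with no length check, so the new block is a good place to switch to a bounded append and fail when the string would not fit. `%08x` is also given a DWORD, which is an unsigned long on Windows; `%08lx` matches the argument type. The `if (dwUsersAccessMask)` block continues outside the hunk.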
@@ -357,8 +365,8 @@
                                                 SDDL_REVISION_1, &pSD, NULL)) {
         pSD = NULL;
         if (!IS_INVALID_HANDLE(_E)) {
-            ACR_ThrowException(_E, THROW_FMARK, ACR_EX_ENOMEM,
-                               ACR_GET_OS_ERROR());
+            rc = ACR_GET_OS_ERROR();
+            ACR_ThrowException(_E, THROW_FMARK, ACR_EX_ENOMEM, rc);
         }
     }
     if (pSD) {
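Review bot: `rc = ACR_GET_OS_ERROR();` is assigned only inside `if (!IS_INVALID_HANDLE(_E))`, but the new PermSet callers in mutex.c, sema.c and shm.c pass INVALID_HANDLE_VALUE as `_E` and then return ACR_GET_OS_ERROR() when the result is NULL. For them `rc` stays 0, the restore added at the end of the function is skipped, and the returned code is whatever the last-error value happens to be after LeaveCriticalSection; if that is 0 the setter reports success although no descriptor was applied. Capture the error before the handle test, with `rc = ACR_GET_OS_ERROR();` placed directly after `pSD = NULL;`, and keep only the throw inside the `if`. The function starts and ends outside the hunk.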
@@ -368,6 +376,8 @@
         ACR_TableAdd(_E, THROW_FMARK, security_table, sdd, pSD, sizeof(PSECURITY_DESCRIPTOR));
     }
     LeaveCriticalSection(&security_lock);
+    if (rc)
+        ACR_SET_OS_ERROR(rc);
     return pSD;
 }
 


