httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject cvs commit: httpd-2.0/server/mpm/winnt service.c
Date Wed, 10 Jul 2002 02:37:33 GMT
wrowe       2002/07/09 19:37:33

  Modified:    server/mpm/winnt service.c
  Log:
    Narrow service manager access to what is actually needed to perform
    the given operations.
  
  Submitted by: David Shane Holden <dpejesh@yahoo.com>
  
  Revision  Changes    Path
  1.57      +11 -13    httpd-2.0/server/mpm/winnt/service.c
  
  Index: service.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/mpm/winnt/service.c,v
  retrieving revision 1.56
  retrieving revision 1.57
  diff -u -r1.56 -r1.57
  --- service.c	2 Jul 2002 19:03:15 -0000	1.56
  +++ service.c	10 Jul 2002 02:37:33 -0000	1.57
  @@ -483,10 +483,10 @@
       if ((osver.dwPlatformId == VER_PLATFORM_WIN32_NT) 
             && (osver.dwMajorVersion > 4) 
             && (ChangeServiceConfig2)
  -          && (schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS)))
  +          && (schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT)))
       {    
           SC_HANDLE schService = OpenService(schSCManager, mpm_service_name,
  -                                               SERVICE_ALL_ACCESS);
  +                                           SERVICE_CHANGE_CONFIG);
           if (schService) {
               /* Cast is necessary, ChangeServiceConfig2 handles multiple
                * object types, some volatile, some not.
  @@ -854,10 +854,9 @@
       {
           SC_HANDLE   schService;
           SC_HANDLE   schSCManager;
  -    
  -        // TODO: Determine the minimum permissions required for security
  +
           schSCManager = OpenSCManager(NULL, NULL, /* local, default database */
  -                                     SC_MANAGER_ALL_ACCESS);
  +                                     SC_MANAGER_CREATE_SERVICE);
           if (!schSCManager) {
               rv = apr_get_os_error();
               ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL,
  @@ -870,7 +869,7 @@
           if (reconfig) {
               /* ###: utf-ize */
               schService = OpenService(schSCManager, mpm_service_name, 
  -                                     SERVICE_ALL_ACCESS);
  +                                     SERVICE_CHANGE_CONFIG);
               if (!schService) {
                   ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_ERR, 
                                apr_get_os_error(), NULL,
  @@ -1008,9 +1007,8 @@
   
           fprintf(stderr,"Removing the %s service\n", mpm_display_name);
   
  -        // TODO: Determine the minimum permissions required for security
           schSCManager = OpenSCManager(NULL, NULL, /* local, default database */
  -                                     SC_MANAGER_ALL_ACCESS);
  +                                     SC_MANAGER_CONNECT);
           if (!schSCManager) {
               rv = apr_get_os_error();
               ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL,
  @@ -1019,7 +1017,7 @@
           }
           
           /* ###: utf-ize */
  -        schService = OpenService(schSCManager, mpm_service_name, SERVICE_ALL_ACCESS);
  +        schService = OpenService(schSCManager, mpm_service_name, DELETE);
   
           if (!schService) {
              rv = apr_get_os_error();
  @@ -1123,9 +1121,8 @@
           SC_HANDLE   schService;
           SC_HANDLE   schSCManager;
   
  -        // TODO: Determine the minimum permissions required for security
           schSCManager = OpenSCManager(NULL, NULL, /* local, default database */
  -                                     SC_MANAGER_ALL_ACCESS);
  +                                     SC_MANAGER_CONNECT);
           if (!schSCManager) {
               rv = apr_get_os_error();
               ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL,
  @@ -1265,7 +1262,7 @@
           SC_HANDLE   schSCManager;
   
           schSCManager = OpenSCManager(NULL, NULL, // default machine & database
  -                                     SC_MANAGER_ALL_ACCESS);
  +                                     SC_MANAGER_CONNECT);
           
           if (!schSCManager) {
               ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, apr_get_os_error(), NULL,
  @@ -1275,7 +1272,8 @@
   
           /* ###: utf-ize */
           schService = OpenService(schSCManager, mpm_service_name, 
  -                                 SERVICE_ALL_ACCESS);
  +                                 SERVICE_INTERROGATE | SERVICE_QUERY_STATUS | 
  +                                 SERVICE_START | SERVICE_STOP);
   
           if (schService == NULL) {
               /* Could not open the service */
  
  
  

Mime
View raw message