diff options
author | midipix <writeonce@midipix.org> | 2018-10-20 17:17:47 -0400 |
---|---|---|
committer | midipix <writeonce@midipix.org> | 2018-10-20 23:37:39 -0400 |
commit | ca4b1f76d46b8e250839cbe1012a96be20e05efc (patch) | |
tree | d34f18889c731752086bbca3fac04b8499365388 | |
parent | a399853c13f8cd00de6e9b4afbe776de36a4be65 (diff) | |
download | ntapi-ca4b1f76d46b8e250839cbe1012a96be20e05efc.tar.bz2 ntapi-ca4b1f76d46b8e250839cbe1012a96be20e05efc.tar.xz |
__acl_init_common_meta_impl(): ace interp.: account for system-owned entities.
-rw-r--r-- | src/acl/ntapi_acl_helper.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/src/acl/ntapi_acl_helper.c b/src/acl/ntapi_acl_helper.c index 9d24554..f2d6b6b 100644 --- a/src/acl/ntapi_acl_helper.c +++ b/src/acl/ntapi_acl_helper.c @@ -107,6 +107,8 @@ static int32_t __acl_init_common_meta_impl( nt_sid * sid; nt_acl * acl; nt_access_allowed_ace * ace; + nt_access_allowed_ace * sysace; + nt_sid * syssid; unsigned char * value; unsigned char sacnt; char * mark = (char *)sd; @@ -154,10 +156,13 @@ static int32_t __acl_init_common_meta_impl( sid = (nt_sid *)&ace->sid_start; value = sid->identifier_authority.value; - if (!(__ntapi->tt_sid_compare(sid,&sid_system))) + if (!(__ntapi->tt_sid_compare(sid,&sid_system))) { meta->system_acc = ace->mask; - else if (!(__ntapi->tt_sid_compare(sid,&sid_owner_rights))) { + sysace = ace; + syssid = sid; + + } else if (!(__ntapi->tt_sid_compare(sid,&sid_owner_rights))) { if (meta->owner_ace) return NT_STATUS_INVALID_ACL; @@ -215,6 +220,17 @@ static int32_t __acl_init_common_meta_impl( ace = (nt_access_allowed_ace *)mark; } + if (!meta->group_ace && meta->owner_ace) { + if (meta->owner_ace->mask != meta->system_acc) { + if (!__ntapi->tt_sid_compare(meta->owner,&sid_system)) { + meta->group_ace = sysace; + meta->group_sid = syssid; + meta->group = syssid; + meta->system_acc = meta->owner_ace->mask; + } + } + } + return NT_STATUS_SUCCESS; } |