From 10276e6704ad4da70de0cec3703ac3a899c519eb Mon Sep 17 00:00:00 2001 From: midipix Date: Tue, 20 Mar 2018 00:02:48 +0000 Subject: sysv semaphore: open ipc directory with minimally required access. --- src/sem/ntapi_sem_connect.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/sem/ntapi_sem_connect.c b/src/sem/ntapi_sem_connect.c index 33a4541..71344b9 100644 --- a/src/sem/ntapi_sem_connect.c +++ b/src/sem/ntapi_sem_connect.c @@ -103,7 +103,11 @@ static int32_t __sempid_symlink_set( if (!rtdata->hsempiddir) { if ((status = __ntapi->tt_open_ipc_object_directory( &hpiddir, - NT_DIRECTORY_ALL_ACCESS, + NT_SEC_READ_CONTROL + | NT_DIRECTORY_QUERY + | NT_DIRECTORY_TRAVERSE + | NT_DIRECTORY_CREATE_OBJECT + | NT_DIRECTORY_CREATE_SUBDIRECTORY, p_sempid,&g_sempid))) return status; @@ -294,7 +298,7 @@ int32_t __stdcall __ntapi_sem_open( status = __ntapi->zw_open_symbolic_link_object( &hsymlink, - NT_SEC_STANDARD_RIGHTS_READ | NT_GENERIC_READ, + NT_SYMBOLIC_LINK_QUERY, &ipcoa); switch (status) { -- cgit v1.2.3