2005-08-08 Corinna Vinschen <corinna@vinschen.de>
+ * security.cc (get_reg_security): New static function.
+ (get_nt_object_security): Call get_reg_security for registry keys
+ to circumvent problems with predefined registry keys.
+
+2005-08-08 Corinna Vinschen <corinna@vinschen.de>
+
* fhandler_process.cc (fhandler_process::open): Allow opening of
/proc/<pid>/fd for reading.
* fhandler_registry.cc (fhandler_registry::open): Ditto for registry
get_info_from_sd (sd, attribute, uidret, gidret);
}
+static int
+get_reg_security (HANDLE handle, security_descriptor &sd_ret)
+{
+ LONG ret;
+ DWORD len = 0;
+
+ ret = RegGetKeySecurity ((HKEY) handle,
+ DACL_SECURITY_INFORMATION
+ | GROUP_SECURITY_INFORMATION
+ | OWNER_SECURITY_INFORMATION,
+ sd_ret, &len);
+ if (ret == ERROR_INSUFFICIENT_BUFFER)
+ {
+ if (!sd_ret.malloc (len))
+ set_errno (ENOMEM);
+ else
+ ret = RegGetKeySecurity ((HKEY) handle,
+ DACL_SECURITY_INFORMATION
+ | GROUP_SECURITY_INFORMATION
+ | OWNER_SECURITY_INFORMATION,
+ sd_ret, &len);
+ }
+ if (ret != STATUS_SUCCESS)
+ {
+ __seterrno ();
+ return -1;
+ }
+ return 0;
+}
+
int
get_nt_object_security (HANDLE handle, SE_OBJECT_TYPE object_type,
security_descriptor &sd_ret)
{
NTSTATUS ret;
ULONG len = 0;
+
+ /* Unfortunately, NtQuerySecurityObject doesn't work on predefined registry
+ keys like HKEY_LOCAL_MACHINE. It fails with "Invalid Handle". So we
+ have to retreat to the Win32 registry functions for registry keys.
+ What bugs me is that RegGetKeySecurity is obviously just a wrapper
+ around NtQuerySecurityObject, but there seems to be no function to
+ convert pseudo HKEY values to real handles. */
+ if (object_type == SE_REGISTRY_KEY)
+ return get_reg_security (handle, sd_ret);
+
ret = NtQuerySecurityObject (handle,
DACL_SECURITY_INFORMATION
| GROUP_SECURITY_INFORMATION
OSDN Git Service
