You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by mt...@apache.org on 2009/08/18 19:22:10 UTC
svn commit: r805503 - in
/commons/sandbox/runtime/trunk/src/main/native/os/win32: main.c platform.c
shm.c wusec.c
Author: mturk
Date: Tue Aug 18 17:22:10 2009
New Revision: 805503
URL: http://svn.apache.org/viewvc?rev=805503&view=rev
Log:
Drop group access
Modified:
commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c
commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c
commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c
commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c
Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c?rev=805503&r1=805502&r2=805503&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c Tue Aug 18 17:22:10 2009
@@ -51,8 +51,6 @@
PSECURITY_DESCRIPTOR acr_sd_filesys_admin = NULL;
PSECURITY_DESCRIPTOR acr_sd_generic_users = NULL;
PSECURITY_DESCRIPTOR acr_sd_filesys_users = NULL;
-PSECURITY_DESCRIPTOR acr_sd_generic_group = NULL;
-PSECURITY_DESCRIPTOR acr_sd_filesys_group = NULL;
typedef struct acr_thread_local_t {
JNIEnv *env;
Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c?rev=805503&r1=805502&r2=805503&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/platform.c Tue Aug 18 17:22:10 2009
@@ -30,8 +30,6 @@
extern PSECURITY_DESCRIPTOR acr_sd_filesys_admin;
extern PSECURITY_DESCRIPTOR acr_sd_generic_users;
extern PSECURITY_DESCRIPTOR acr_sd_filesys_users;
-extern PSECURITY_DESCRIPTOR acr_sd_generic_group;
-extern PSECURITY_DESCRIPTOR acr_sd_filesys_group;
acr_size_t acr_page_size;
int acr_native_codepage = ACR_CP_DEFAULT;
@@ -61,45 +59,25 @@
/* All access to Admins */
acr_sd_generic_admin = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
GENERIC_ALL,
- 0,
0);
}
if (!acr_sd_filesys_admin) {
/* All file access to Admins */
acr_sd_filesys_admin = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
GENERIC_ALL | FILE_ALL_ACCESS,
- 0,
0);
}
if (!acr_sd_generic_users) {
/* RWX access to Authenticated users */
acr_sd_generic_users = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
GENERIC_ALL,
- GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE,
- 0);
+ GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE);
}
if (!acr_sd_filesys_users) {
/* RWX file access to Authenticated users */
acr_sd_filesys_users = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
GENERIC_ALL | FILE_ALL_ACCESS,
GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE |
- FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE,
- 0);
- }
- if (!acr_sd_generic_group) {
- /* RWX access to Creator group */
- acr_sd_generic_group = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
- GENERIC_ALL,
- GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE,
- GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE);
- }
- if (!acr_sd_filesys_group) {
- /* RWX file access to Creator group */
- acr_sd_filesys_group = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
- GENERIC_ALL | FILE_ALL_ACCESS,
- GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE |
- FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE,
- GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE |
FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE);
}
return acr_ioh_init(ios);
Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c?rev=805503&r1=805502&r2=805503&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/shm.c Tue Aug 18 17:22:10 2009
@@ -44,7 +44,6 @@
extern PSECURITY_DESCRIPTOR acr_sd_filesys_admin;
extern PSECURITY_DESCRIPTOR acr_sd_filesys_users;
-extern PSECURITY_DESCRIPTOR acr_sd_filesys_group;
static int shm_cleanup(void *shm, int type, unsigned int flags)
{
@@ -149,7 +148,7 @@
/* Name-based shared memory */
else {
sa.nLength = sizeof(SECURITY_ATTRIBUTES);
- sa.lpSecurityDescriptor = acr_sd_filesys_group;
+ sa.lpSecurityDescriptor = acr_sd_filesys_admin;
sa.bInheritHandle = FALSE;
/* Do file backed, which is not an inherited handle
* While we could open APR_EXCL, it doesn't seem that Unix
Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c?rev=805503&r1=805502&r2=805503&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c Tue Aug 18 17:22:10 2009
@@ -295,8 +295,7 @@
LPVOID ACR_GetSecurityDescriptor(JNIEnv *_E,
DWORD dwAdminAccessMask,
- DWORD dwUsersAccessMask,
- DWORD dwGroupAccessMask)
+ DWORD dwUsersAccessMask)
{
char sdd[ACR_MBUFF_SIZ];
char saa[32] = "";
@@ -327,12 +326,6 @@
strcat(sdd, saa);
strcat(sdd, ";;;AU)");
}
- if (dwGroupAccessMask) {
- sprintf(saa, "(A;OICI;0x%08x", dwGroupAccessMask);
- /* Creator Group */
- strcat(sdd, saa);
- strcat(sdd, ";;;CG)");
- }
if (!ConvertStringSecurityDescriptorToSecurityDescriptorA(sdd,
SDDL_REVISION_1, &pSD, NULL)) {
pSD = NULL;