advapi = load_system32_dll("advapi32.dll");
successful = advapi &&
GET_WINDOWS_FUNCTION(advapi, GetSecurityInfo) &&
+ GET_WINDOWS_FUNCTION(advapi, SetSecurityInfo) &&
GET_WINDOWS_FUNCTION(advapi, OpenProcessToken) &&
GET_WINDOWS_FUNCTION(advapi, GetTokenInformation) &&
GET_WINDOWS_FUNCTION(advapi, InitializeSecurityDescriptor) &&
return successful;
}
-int got_crypt(void)
-{
- static int attempted = FALSE;
- static int successful;
- static HMODULE crypt;
-
- if (!attempted) {
- attempted = TRUE;
- crypt = load_system32_dll("crypt32.dll");
- successful = crypt &&
- GET_WINDOWS_FUNCTION(crypt, CryptProtectMemory);
- }
- return successful;
-}
-
PSID get_user_sid(void)
{
HANDLE proc = NULL, tok = NULL;
DWORD toklen, sidlen;
PSID sid = NULL, ret = NULL;
+ if (usersid)
+ return usersid;
+
if (!got_advapi())
goto cleanup;
/* Success. Move sid into the return value slot, and null it out
* to stop the cleanup code freeing it. */
- ret = sid;
+ ret = usersid = sid;
sid = NULL;
cleanup:
PACL *acl,
char **error)
{
- SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY;
- SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY;
EXPLICIT_ACCESS ea[3];
int acl_err;
int ret = FALSE;
return ret;
}
-int protectprocess(char *error)
+int setprocessacl(char *error)
{
- SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY;
- SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY;
EXPLICIT_ACCESS ea[2];
int acl_err;
int ret=FALSE;
goto cleanup;
}
- if (ERROR_SUCCESS !=
- SetSecurityInfo(
- GetCurrentProcess(),
- SE_KERNEL_OBJECT,
- OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
- usersid,
- NULL,
- acl,
- NULL
- )) {
+ if (ERROR_SUCCESS != p_SetSecurityInfo
+ (GetCurrentProcess(), SE_KERNEL_OBJECT,
+ OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
+ usersid, NULL, acl, NULL)) {
error=dupprintf("Unable to set process ACL: %s",
win_strerror(GetLastError()));
goto cleanup;
projects / PuTTY.git / blobdiff