From 14b1f75ac73f956a1734843c22a800d6fc729f77 Mon Sep 17 00:00:00 2001
From: Bill Zissimopoulos <billziss@navimatics.com>
Date: Sat, 21 Nov 2015 16:49:16 -0800
Subject: [PATCH] sys: IoCreateDeviceSecure: tighten down who can open the
 device

---
 src/sys/driver.c | 2 +-
 src/sys/driver.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/sys/driver.c b/src/sys/driver.c
index 56f08009..b7d3aeaa 100644
--- a/src/sys/driver.c
+++ b/src/sys/driver.c
@@ -24,7 +24,7 @@ DriverEntry(
     /* create the file system control device objects */
     UNICODE_STRING DeviceSddl;
     UNICODE_STRING DeviceName;
-    RtlInitUnicodeString(&DeviceSddl, L"" DRIVER_SDDL);
+    RtlInitUnicodeString(&DeviceSddl, L"" DEVICE_SDDL);
     RtlInitUnicodeString(&DeviceName, L"\\Device\\" FSP_FSCTL_DISK_DEVICE_NAME);
     Result = IoCreateDeviceSecure(DriverObject,
         sizeof(FSP_FSCTL_DEVICE_EXTENSION), &DeviceName, FILE_DEVICE_DISK_FILE_SYSTEM, 0, FALSE,
diff --git a/src/sys/driver.h b/src/sys/driver.h
index f201a5d8..3349e7c6 100644
--- a/src/sys/driver.h
+++ b/src/sys/driver.h
@@ -12,7 +12,7 @@
 #include <winfsp/fsctl.h>
 
 #define DRIVER_NAME                     "WinFsp"
-#define DRIVER_SDDL                     "D:P(A;;GA;;;SY)(A;;GA;;;BA)"
+#define DEVICE_SDDL                     "D:P(A;;GA;;;SY)(A;;GA;;;BA)"
     /* system and builtin administrators have full access */
 
 /* DEBUGLOG */