Public/winfsp
1
0
Fork 0
mirror of https://github.com/winfsp/winfsp.git synced 2025-10-30 19:48:38 -05:00
Code Activity

dll: WIP

Browse Source
This commit is contained in:
Bill Zissimopoulos
2016-01-03 20:39:16 -08:00
parent c1f317c348
commit 7146fe8b47
2 changed files with 24 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/dll/access.c
View File

@@ -19,13 +19,14 @@ FSP_API PGENERIC_MAPPING FspGetFileGenericMapping(VOID)
return &FspFileGenericMapping;
}
static NTSTATUS FspGetFileSecurityDescriptor(FSP_FILE_SYSTEM *FileSystem,
PWSTR FileName, PSECURITY_DESCRIPTOR *PSecurityDescriptor, SIZE_T *PSecurityDescriptorSize)
static NTSTATUS FspGetSecurity(FSP_FILE_SYSTEM *FileSystem,
PWSTR FileName, PDWORD PFileAttributes,
PSECURITY_DESCRIPTOR *PSecurityDescriptor, SIZE_T *PSecurityDescriptorSize)
{
for (;;)
{
NTSTATUS Result = FileSystem->Interface->GetSecurity(FileSystem,
FileName, *PSecurityDescriptor, PSecurityDescriptorSize);
FileName, PFileAttributes, *PSecurityDescriptor, PSecurityDescriptorSize);
if (STATUS_BUFFER_OVERFLOW != Result)
return Result;
@@ -50,6 +51,7 @@ FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
}
NTSTATUS Result;
DWORD FileAttributes;
PSECURITY_DESCRIPTOR SecurityDescriptor = 0;
SIZE_T SecurityDescriptorSize;
DWORD PrivilegeSetLength;
@@ -80,7 +82,7 @@ FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
}
Prefix = L'\0' == Prefix[0] ? L"\\" : (PWSTR)Request->Buffer;
Result = FspGetFileSecurityDescriptor(FileSystem, Prefix,
Result = FspGetSecurity(FileSystem, Prefix, &FileAttributes,
&SecurityDescriptor, &SecurityDescriptorSize);
FspPathCombine((PWSTR)Request->Buffer, Path);
@@ -103,11 +105,26 @@ FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
}
}
Result = FspGetFileSecurityDescriptor(FileSystem, (PWSTR)Request->Buffer,
Result = FspGetSecurity(FileSystem, (PWSTR)Request->Buffer, &FileAttributes,
&SecurityDescriptor, &SecurityDescriptorSize);
if (!NT_SUCCESS(Result))
goto exit;
if (0 != (FileAttributes && FILE_ATTRIBUTE_READONLY))
{
if (DesiredAccess &
(FILE_WRITE_DATA | FILE_APPEND_DATA | FILE_ADD_SUBDIRECTORY | FILE_DELETE_CHILD))
{
Result = STATUS_ACCESS_DENIED;
goto exit;
}
if (Request->Req.Create.CreateOptions & FILE_DELETE_ON_CLOSE)
{
Result = STATUS_CANNOT_DELETE;
goto exit;
}
}
if (AccessCheck(SecurityDescriptor, (HANDLE)Request->Req.Create.AccessToken, DesiredAccess,
&FspFileGenericMapping, 0, &PrivilegeSetLength, PGrantedAccess, &AccessStatus))
Result = AccessStatus ? STATUS_SUCCESS : STATUS_ACCESS_DENIED;