Public/winfsp
1
0
Fork 0
mirror of https://github.com/winfsp/winfsp.git synced 2025-04-23 08:53:01 -05:00
Code Issues Packages Projects Releases Wiki Activity

launcher: security model improvements

Browse Source
This commit is contained in:
Bill Zissimopoulos 2016-05-12 14:18:08 -07:00
parent 6971f4d6ae
commit 724d177d0b
2 changed files with 28 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/launcher/launcher.c
View File

@ -161,9 +161,10 @@ NTSTATUS SvcInstanceCreate(HANDLE ClientToken,
{ {
SVC_INSTANCE *SvcInstance = 0; SVC_INSTANCE *SvcInstance = 0;
HKEY RegKey = 0; HKEY RegKey = 0;
DWORD RegResult, RegSize, SecurityLen; DWORD RegResult, RegSize;
DWORD ClassNameSize, InstanceNameSize; DWORD ClassNameSize, InstanceNameSize;
WCHAR Executable[MAX_PATH], CommandLine[512], Security[512] = L"O:SYG:SY"; WCHAR Executable[MAX_PATH], CommandLine[512], SecurityBuf[512] = L"O:SYG:SY";
PWSTR Security;
PSECURITY_DESCRIPTOR SecurityDescriptor; PSECURITY_DESCRIPTOR SecurityDescriptor;
STARTUPINFOW StartupInfo; STARTUPINFOW StartupInfo;
PROCESS_INFORMATION ProcessInfo; PROCESS_INFORMATION ProcessInfo;
@ -206,10 +207,10 @@ NTSTATUS SvcInstanceCreate(HANDLE ClientToken,
goto exit; goto exit;
} }
SecurityLen = lstrlenW(Security); Security = SecurityBuf + lstrlenW(SecurityBuf);
RegSize = sizeof Security - SecurityLen * sizeof(WCHAR); RegSize = (DWORD)(sizeof SecurityBuf - (Security - SecurityBuf) * sizeof(WCHAR));
RegResult = RegGetValueW(RegKey, ClassName, L"Security", RRF_RT_REG_SZ, 0, RegResult = RegGetValueW(RegKey, ClassName, L"Security", RRF_RT_REG_SZ, 0,
Security + SecurityLen, &RegSize); Security, &RegSize);
if (ERROR_SUCCESS != RegResult && ERROR_FILE_NOT_FOUND != RegResult) if (ERROR_SUCCESS != RegResult && ERROR_FILE_NOT_FOUND != RegResult)
{ {
Result = FspNtStatusFromWin32(RegResult); Result = FspNtStatusFromWin32(RegResult);
@ -220,7 +221,12 @@ NTSTATUS SvcInstanceCreate(HANDLE ClientToken,
RegKey = 0; RegKey = 0;
if (L'\0' == Security) if (L'\0' == Security)
{
Security = SecurityBuf;
lstrcpyW(Security, L"" SVC_INSTANCE_DEFAULT_SDDL); lstrcpyW(Security, L"" SVC_INSTANCE_DEFAULT_SDDL);
}
else if (L'D' == Security[0] && L':' == Security[1])
Security = SecurityBuf;
if (!ConvertStringSecurityDescriptorToSecurityDescriptorW(Security, SDDL_REVISION_1, if (!ConvertStringSecurityDescriptorToSecurityDescriptorW(Security, SDDL_REVISION_1,
&SecurityDescriptor, 0)) &SecurityDescriptor, 0))

22
src/launcher/launcher.h
View File

@ -26,14 +26,26 @@
#define PIPE_BUFFER_SIZE 2048 #define PIPE_BUFFER_SIZE 2048
#define PIPE_DEFAULT_TIMEOUT 3000 #define PIPE_DEFAULT_TIMEOUT 3000
#define SVC_INSTANCE_DEFAULT_SDDL "O:SYG:SYD:P(A;;GA;;;SY)(A;;GA;;;BA)(A;;GR;;;WD)" /* RP:SERVICE_START, WP:SERVICE_STOP, SC:SERVICE_QUERY_STATUS */
/*
* The default service instance SDDL gives full access to LocalSystem and Administrators.
* The only possible service instance rights are as follows:
* RP SERVICE_START
* WP SERVICE_STOP
* SC SERVICE_QUERY_STATUS
*
* To create a service that can be started, stopped or queried by everyone, you can set
* the following SDDL:
* D:P(A;;RPWPSC;;;WD)
*/
#define SVC_INSTANCE_DEFAULT_SDDL "O:SYG:SYD:P(A;;RPWPSC;;;SY)(A;;RPWPSC;;;BA)"
enum enum
{ {
LauncherSvcInstanceStart = 'S', LauncherSvcInstanceStart = 'S', /* requires: SERVICE_START */
LauncherSvcInstanceStop = 'T', LauncherSvcInstanceStop = 'T', /* requires: SERVICE_STOP */
LauncherSvcInstanceList = 'L', LauncherSvcInstanceList = 'L', /* requires: none*/
LauncherSvcInstanceInfo = 'I', LauncherSvcInstanceInfo = 'I', /* requires: SERVICE_QUERY_STATUS */
}; };
#endif #endif