[Spice-devel] [PATCH spice-gtk 2/2] controller/win32: limit access to current user only
Marc-André Lureau
marcandre.lureau at gmail.com
Wed Oct 24 10:45:16 PDT 2012
Based on RHEV spicec-win only code.
---
gtk/controller/win32-util.c | 50 ++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 49 insertions(+), 1 deletion(-)
diff --git a/gtk/controller/win32-util.c b/gtk/controller/win32-util.c
index 4e3ec4c..1268b2a 100644
--- a/gtk/controller/win32-util.c
+++ b/gtk/controller/win32-util.c
@@ -64,17 +64,63 @@ end:
return success;
}
+
+static gboolean
+get_user_security_attributes (SECURITY_ATTRIBUTES* psa, SECURITY_DESCRIPTOR* psd, PACL* ppdacl)
+{
+ EXPLICIT_ACCESS ea;
+ TRUSTEE trst;
+ DWORD ret = 0;
+
+ ZeroMemory (psa, sizeof (*psa));
+ ZeroMemory (psd, sizeof (*psd));
+ psa->nLength = sizeof (*psa);
+ psa->bInheritHandle = FALSE;
+ psa->lpSecurityDescriptor = psd;
+
+ ZeroMemory (&trst, sizeof (trst));
+ trst.pMultipleTrustee = NULL;
+ trst.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
+ trst.TrusteeForm = TRUSTEE_IS_NAME;
+ trst.TrusteeType = TRUSTEE_IS_USER;
+ trst.ptstrName = "CURRENT_USER";
+
+ ZeroMemory (&ea, sizeof (ea));
+ ea.grfAccessPermissions = GENERIC_WRITE | GENERIC_READ;
+ ea.grfAccessMode = SET_ACCESS;
+ ea.grfInheritance = NO_INHERITANCE;
+ ea.Trustee = trst;
+
+ ret = SetEntriesInAcl (1, &ea, NULL, ppdacl);
+ if (ret != ERROR_SUCCESS)
+ return FALSE;
+
+ if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION))
+ return FALSE;
+
+ if (!SetSecurityDescriptorDacl (psd, TRUE, *ppdacl, FALSE))
+ return FALSE;
+
+ return TRUE;
+}
+
#define DEFAULT_PIPE_BUF_SIZE 4096
SpiceNamedPipe*
spice_win32_user_pipe_new (gchar *name, GError **error)
{
+ SECURITY_ATTRIBUTES sa;
+ SECURITY_DESCRIPTOR sd;
+ PACL dacl = NULL;
HANDLE pipe;
SpiceNamedPipe *np = NULL;
g_return_val_if_fail (name != NULL, NULL);
g_return_val_if_fail (error != NULL, NULL);
+ if (!get_user_security_attributes (&sa, &sd, &dacl))
+ return NULL;
+
pipe = CreateNamedPipe (name,
PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED |
/* FIXME: why is FILE_FLAG_FIRST_PIPE_INSTANCE needed for WRITE_DAC
@@ -84,7 +130,7 @@ spice_win32_user_pipe_new (gchar *name, GError **error)
PIPE_TYPE_BYTE | PIPE_READMODE_BYTE | PIPE_WAIT,
PIPE_UNLIMITED_INSTANCES,
DEFAULT_PIPE_BUF_SIZE, DEFAULT_PIPE_BUF_SIZE,
- 0, NULL);
+ 0, &sa);
if (pipe == INVALID_HANDLE_VALUE) {
int errsv = GetLastError ();
@@ -107,5 +153,7 @@ spice_win32_user_pipe_new (gchar *name, GError **error)
NULL, error, "handle", pipe, NULL));
end:
+ LocalFree (dacl);
+
return np;
}
--
1.7.11.7
More information about the Spice-devel
mailing list