lywsvip/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2026-06-20 09:32:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

[NTOS:SE] Set the SACL to the World security descriptor

Browse Source 
Implement the portion chunk of code that is responsible for setting the system access control list (SACL) to the World security descriptor, based from SeWorldSid (World security identifier).
This commit is contained in:
George Bișoc
2021-09-21 19:52:10 +02:00
parent ca3fa7197d
commit f341b9080b
1 changed files with 24 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
ntoskrnl/se/sd.c
View File

@@ -181,6 +181,10 @@ SeSetWorldSecurityDescriptor(
{
SdSize += sizeof(ACL) + sizeof(ACE) + SidSize;
}
if (SecurityInformation & SACL_SECURITY_INFORMATION)
{
SdSize += sizeof(ACL) + sizeof(ACE) + SidSize;
}
if (*BufferLength < SdSize)
{
@@ -236,7 +240,26 @@ SeSetWorldSecurityDescriptor(
if (SecurityInformation & SACL_SECURITY_INFORMATION)
{
/* FIXME - SdRel->Control |= SE_SACL_PRESENT; */
PACL Sacl = (PACL)((PUCHAR)SdRel + Current);
Status = RtlCreateAcl(Sacl,
sizeof(ACL) + sizeof(ACE) + SidSize,
ACL_REVISION);
if (!NT_SUCCESS(Status))
return Status;
Status = RtlAddAuditAccessAce(Sacl,
ACL_REVISION,
ACCESS_SYSTEM_SECURITY | STANDARD_RIGHTS_ALL,
SeWorldSid,
TRUE,
TRUE);
if (!NT_SUCCESS(Status))
return Status;
SdRel->Control |= SE_SACL_PRESENT;
SdRel->Sacl = Current;
Current += SidSize;
}
return STATUS_SUCCESS;