[PATCH spice-gtk 2/2] controller/win32: limit access to current user only

"Marc-André Lureau" <marcandre.lureau@xxxxxxxxx> · Wed, 24 Oct 2012 19:45:16 +0200

Based on RHEV spicec-win only code.
---
 gtk/controller/win32-util.c | 50 ++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 49 insertions(+), 1 deletion(-)

diff --git a/gtk/controller/win32-util.c b/gtk/controller/win32-util.c
index 4e3ec4c..1268b2a 100644
--- a/gtk/controller/win32-util.c
+++ b/gtk/controller/win32-util.c
@@ -64,17 +64,63 @@ end:
 
     return success;
 }
+
+static gboolean
+get_user_security_attributes (SECURITY_ATTRIBUTES* psa, SECURITY_DESCRIPTOR* psd, PACL* ppdacl)
+{
+    EXPLICIT_ACCESS ea;
+    TRUSTEE trst;
+    DWORD ret = 0;
+
+    ZeroMemory (psa, sizeof (*psa));
+    ZeroMemory (psd, sizeof (*psd));
+    psa->nLength = sizeof (*psa);
+    psa->bInheritHandle = FALSE;
+    psa->lpSecurityDescriptor = psd;
+
+    ZeroMemory (&trst, sizeof (trst));
+    trst.pMultipleTrustee = NULL;
+    trst.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
+    trst.TrusteeForm = TRUSTEE_IS_NAME;
+    trst.TrusteeType = TRUSTEE_IS_USER;
+    trst.ptstrName = "CURRENT_USER";
+
+    ZeroMemory (&ea, sizeof (ea));
+    ea.grfAccessPermissions = GENERIC_WRITE | GENERIC_READ;
+    ea.grfAccessMode = SET_ACCESS;
+    ea.grfInheritance = NO_INHERITANCE;
+    ea.Trustee = trst;
+
+    ret = SetEntriesInAcl (1, &ea, NULL, ppdacl);
+    if (ret != ERROR_SUCCESS)
+        return FALSE;
+
+   if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION))
+       return FALSE;
+
+   if (!SetSecurityDescriptorDacl (psd, TRUE, *ppdacl, FALSE))
+       return FALSE;
+
+   return TRUE;
+}
+
 #define DEFAULT_PIPE_BUF_SIZE 4096
 
 SpiceNamedPipe*
 spice_win32_user_pipe_new (gchar *name, GError **error)
 {
+    SECURITY_ATTRIBUTES sa;
+    SECURITY_DESCRIPTOR sd;
+    PACL dacl = NULL;
     HANDLE pipe;
     SpiceNamedPipe *np = NULL;
 
     g_return_val_if_fail (name != NULL, NULL);
     g_return_val_if_fail (error != NULL, NULL);
 
+    if (!get_user_security_attributes (&sa, &sd, &dacl))
+        return NULL;
+
     pipe = CreateNamedPipe (name,
         PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED |
     /* FIXME: why is FILE_FLAG_FIRST_PIPE_INSTANCE needed for WRITE_DAC
@@ -84,7 +130,7 @@ spice_win32_user_pipe_new (gchar *name, GError **error)
         PIPE_TYPE_BYTE | PIPE_READMODE_BYTE | PIPE_WAIT,
         PIPE_UNLIMITED_INSTANCES,
         DEFAULT_PIPE_BUF_SIZE, DEFAULT_PIPE_BUF_SIZE,
-        0, NULL);
+        0, &sa);
 
     if (pipe == INVALID_HANDLE_VALUE) {
         int errsv = GetLastError ();
@@ -107,5 +153,7 @@ spice_win32_user_pipe_new (gchar *name, GError **error)
                                            NULL, error, "handle", pipe, NULL));
 
 end:
+    LocalFree (dacl);
+
     return np;
 }
-- 
1.7.11.7

_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/spice-devel





