author | Ron Yorston <rmy@pobox.com> | 2023-03-25 15:04:15 +0000 |
---|---|---|
committer | Ron Yorston <rmy@pobox.com> | 2023-03-25 15:04:15 +0000 |
commit | f4178f8d0b97baea0bb6a6444fc37171c83ad316 (patch) | |
tree | 0af5eb4a7e16596b5ba9975c4cd0377a410e6d89 | |
parent | 6d39c658a05b8dbd7ead0b9cfd38476c15041fc0 (diff) | |
win32: use CheckTokenMembership() to check privilege
Rewrite the test for the reduced-privilege token: check whether
the BUILTIN\Administrators group is enabled. This seems more
directly relevant than the previous check for restrictions on
the token.
-rw-r--r-- | win32/mingw.c | 30 |
1 files changed, 16 insertions, 14 deletions
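--- a/win32/mingw.c
+++ b/win32/mingw.c
@@ -1138,26 +1138,28 @@ char *get_user_name(void)
 
 #if ENABLE_DROP || ENABLE_CDROP || ENABLE_PDROP
 /*
-* When runuser drops privileges TokenIsElevated still returns TRUE.
-* Use other means to determine if we're actually unprivileged.
-* This is likely to be fragile.
+* When 'drop' drops privileges TokenIsElevated is still TRUE.
+* Find out if we're really privileged by checking if the group
+* BUILTIN\Administrators is enabled.
 */
 static int
-actually_unprivileged(HANDLE h)
+really_privileged(void)
 {
-DWORD restricted = 0;
-DWORD size;
+BOOL admin_enabled;
+unsigned char admin[16] = {
+0x01, 0x02, 0x00, 0x00,
+0x00, 0x00, 0x00, 0x05,
+0x20, 0x00, 0x00, 0x00,
+0x20, 0x02, 0x00, 0x00
+};
 
-if (GetTokenInformation(h, TokenHasRestrictions, &restricted,
-sizeof(restricted), &size)) {
-// The token generated by runuser seems to 'have restrictions'.
-return restricted != 0;
-}
+if (CheckTokenMembership(NULL, (PSID)admin, &admin_enabled))
+return admin_enabled;
 
-return FALSE;
+return TRUE;
 }
 #else
-# define actually_unprivileged(h) (FALSE)
+# define really_privileged() (TRUE)
 #endif
 
 int getuid(void)
@@ -1171,7 +1173,7 @@ int getuid(void)
 
 if (GetTokenInformation(h, TokenElevation, &elevation,
 sizeof(elevation), &size)) {
-if (elevation.TokenIsElevated && !actually_unprivileged(h))
+if (elevation.TokenIsElevated && really_privileged())
 ret = 0;
 }
 CloseHandle(h);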
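Review bot: The fall-through `return TRUE;` in really_privileged() means a failed CheckTokenMembership() call leaves getuid() reporting uid 0 for any elevated token, including one that 'drop' has already reduced. The old code defaulted the same way, but the choice is worth stating on that line, e.g. `/* check failed: fall back to trusting TokenIsElevated */`, since whether uid 0 is the safer default depends on callers that are not visible here. The 16-byte `admin` array is the well-known SID S-1-5-32-544 written out by hand, and a comment such as `/* S-1-5-32-544, BUILTIN\Administrators: revision 1, 2 sub-authorities */` would let a reader verify the bytes. Passing NULL as the token makes the membership test apply to the calling thread's effective token rather than the handle `h` that getuid() queried for elevation; presumably these are the same token because nothing visible impersonates, but that assumption deserves a mention in the comment. getuid()'s body starts and ends outside the second hunk.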