comparison cinst/nssstore_win.c @ 1118:fd85a02d771d

(issue54) Implement a privilege drop to execute the program after installation. This commit is extremely ugly as I accidentally worked in a working tree that was partially merged with default. To review the real change, please check the commit that will merge this branch into default.
author Andre Heinecke <andre.heinecke@intevation.de>
date Tue, 16 Sep 2014 19:45:19 +0200
parents 1c1964c27b39 b8fb6bf7f980
children e210ecc32d69
1117:5b6203f78b4e 1118:fd85a02d771d
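--- a/cinst/nssstore_win.c
+++ b/cinst/nssstore_win.c
@@ -37,11 +37,10 @@
 process on login to make sure it is launched once in the
 security context of that user.
 */
 
 #include <windows.h>
-#include <winsafer.h>
 #include <sddl.h>
 #include <stdio.h>
 #include <stdbool.h>
 #include <userenv.h>
 #include <io.h>
@@ -95,77 +94,10 @@
 if (item->next)
 {
 pkp_t_free (item->next);
 }
 xfree (item);
-}
-
-/** @brief get a restricted access token to execute nss process
-*
-* This function uses the Software Restriction API to obtain the
-* access token for a process run als normal user.
-*
-* @returns A restricted handle or NULL on error.
-*/
-static HANDLE
-get_restricted_token()
-{
-SAFER_LEVEL_HANDLE user_level = NULL;
-HANDLE retval = NULL;
-SID_IDENTIFIER_AUTHORITY medium_identifier = {SECURITY_MANDATORY_LABEL_AUTHORITY};
-PSID medium_sid = NULL;
-TOKEN_MANDATORY_LABEL integrity_label;
-
-memset (&integrity_label, 0, sizeof (integrity_label));
-
-if (!SaferCreateLevel(SAFER_SCOPEID_USER,
-SAFER_LEVELID_NORMALUSER,
-SAFER_LEVEL_OPEN, &user_level, NULL))
-{
-PRINTLASTERROR ("Failed to create user level.\n");
-return NULL;
-}
-
-if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL))
-{
-SaferCloseLevel(user_level);
-return NULL;
-}
-
-SaferCloseLevel(user_level);
-
-/* Set the SID to medium it will still be high otherwise. Even if
-there is no high access allowed. */
-if (!AllocateAndInitializeSid(&medium_identifier,
-1,
-SECURITY_MANDATORY_MEDIUM_RID,
-0,
-0,
-0,
-0,
-0,
-0,
-0,
-&medium_sid))
-{
-PRINTLASTERROR ("Failed to initialize sid.\n");
-return NULL;
-}
-
-integrity_label.Label.Attributes = SE_GROUP_INTEGRITY;
-integrity_label.Label.Sid = medium_sid;
-
-if (!SetTokenInformation(retval,
-TokenIntegrityLevel,
-&integrity_label,
-sizeof(TOKEN_MANDATORY_LABEL)))
-{
-PRINTLASTERROR ("Failed to set token integrity.\n");
-return NULL;
-}
-
-return retval;
 }
 
 /**@brief Write strv of instructions to a handle
 *
 * Writes the null terminated list of instructions to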
