mirrors/pulseaudio
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pulseaudio/pulseaudio.git synced 2025-11-23 06:59:53 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

win32: Use DACLs when setting socket permissions

Browse source 
Part-of: <https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/merge_requests/548>
This commit is contained in:
Patrick Gaskin 2021-04-22 21:44:40 -04:00 committed by PulseAudio Marge Bot
parent a238a58186
commit 39125a0f2b
1 changed files with 31 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

31
src/pulsecore/socket-server.c
View file

@ -58,6 +58,12 @@ int deny_severity = LOG_WARNING;
#include <systemd/sd-daemon.h> #include <systemd/sd-daemon.h>
#endif #endif
#ifdef HAVE_WINDOWS_H
#include <windows.h>
#include <aclapi.h>
#include <sddl.h>
#endif
#include <pulse/xmalloc.h> #include <pulse/xmalloc.h>
#include <pulse/util.h> #include <pulse/util.h>
@ -220,6 +226,31 @@ pa_socket_server* pa_socket_server_new_unix(pa_mainloop_api *m, const char *file
* inodes. */ * inodes. */
chmod(filename, 0777); chmod(filename, 0777);
#ifdef OS_IS_WIN32
/* https://docs.microsoft.com/en-us/windows/win32/secauthz/ace-strings */
/* https://docs.microsoft.com/en-us/windows/win32/secauthz/modifying-the-acls-of-an-object-in-c-- */
/* https://docs.microsoft.com/en-us/windows/win32/api/sddl/nf-sddl-convertstringsecuritydescriptortosecuritydescriptora */
PSECURITY_DESCRIPTOR sd;
if (ConvertStringSecurityDescriptorToSecurityDescriptorA(
"D:" /* DACL */
"(A;;FRFW;;;WD)", /* allow all users to read/write */
SDDL_REVISION_1, &sd, NULL
)) {
PACL acl;
BOOL acl_present, acl_default;
if (GetSecurityDescriptorDacl(sd, &acl_present, &acl, &acl_default)) {
if (SetNamedSecurityInfo(filename, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, acl, NULL) != ERROR_SUCCESS) {
pa_log_warn("Failed to set DACL for socket: failed to apply DACL: error %lu.", GetLastError());
}
LocalFree(acl);
} else {
pa_log_warn("Failed to set DACL for socket: failed to get security descriptor DACL: error %lu.", GetLastError());
}
} else {
pa_log_warn("Failed to set DACL for socket: failed to parse security descriptor: error %lu.", GetLastError());
}
#endif
if (listen(fd, 5) < 0) { if (listen(fd, 5) < 0) {
pa_log("listen(): %s", pa_cstrerror(errno)); pa_log("listen(): %s", pa_cstrerror(errno));
goto fail; goto fail;