From 3cb86d9fa8471fc279dbd8c80b3b2ca732ee89d5 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Sun, 2 Feb 2020 10:00:42 +0000 Subject: [PATCH] Move the restricted_acl flag into winsecur.c. It's silly to set it at each call site of restrict_process_acl() if that function returns success! More sensible to have it be a flag in the same source file as restrict_process_acl(), set as an automatic _side effect_ of success. I've renamed the variable itself, and the global name 'restricted_acl' is now a query function that asks winsecur.c whether that operation has been (successfully) performed. --- cmdline.c | 1 - windows/window.c | 5 ++--- windows/winplink.c | 2 +- windows/winsecur.c | 5 ++++- windows/winsftp.c | 2 +- windows/winstuff.h | 2 +- 6 files changed, 9 insertions(+), 8 deletions(-) diff --git a/cmdline.c b/cmdline.c index 1ae74406..aa0000ce 100644 --- a/cmdline.c +++ b/cmdline.c @@ -845,7 +845,6 @@ int cmdline_process_param(const char *p, char *value, !strcmp(p, "-restrictacl")) { RETURN(1); restrict_process_acl(); - restricted_acl = true; } #endif diff --git a/windows/window.c b/windows/window.c index 3125c55a..6af2359e 100644 --- a/windows/window.c +++ b/windows/window.c @@ -561,7 +561,6 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show) (!p[2] || p[2] == '@' || p[2] == '&')) { /* &R restrict-acl prefix */ restrict_process_acl(); - restricted_acl = true; p += 2; } @@ -866,7 +865,7 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show) } } - if (restricted_acl) { + if (restricted_acl()) { lp_eventlog(win_gui_logpolicy, "Running with restricted process ACL"); } @@ -2224,7 +2223,7 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message, PROCESS_INFORMATION pi; HANDLE filemap = NULL; - if (restricted_acl) + if (restricted_acl()) argprefix = "&R"; else argprefix = ""; diff --git a/windows/winplink.c b/windows/winplink.c index dd0bcc34..936835bd 100644 --- a/windows/winplink.c +++ b/windows/winplink.c @@ -404,7 +404,7 @@ int main(int argc, char **argv) return 1; } - if (restricted_acl) { + if (restricted_acl()) { lp_eventlog(console_cli_logpolicy, "Running with restricted process ACL"); } diff --git a/windows/winsecur.c b/windows/winsecur.c index 38929e0c..190a5ee4 100644 --- a/windows/winsecur.c +++ b/windows/winsecur.c @@ -228,6 +228,9 @@ bool make_private_security_descriptor(DWORD permissions, return ret; } +static bool acl_restricted = false; +bool restricted_acl(void) { return acl_restricted; } + static bool really_restrict_process_acl(char **error) { EXPLICIT_ACCESS ea[2]; @@ -278,7 +281,7 @@ static bool really_restrict_process_acl(char **error) goto cleanup; } - + acl_restricted = true; ret=true; cleanup: diff --git a/windows/winsftp.c b/windows/winsftp.c index 3db81c71..af4980bd 100644 --- a/windows/winsftp.c +++ b/windows/winsftp.c @@ -714,7 +714,7 @@ char *ssh_sftp_get_cmdline(const char *prompt, bool no_fds_ok) void platform_psftp_pre_conn_setup(LogPolicy *lp) { - if (restricted_acl) { + if (restricted_acl()) { lp_eventlog(lp, "Running with restricted process ACL"); } } diff --git a/windows/winstuff.h b/windows/winstuff.h index 86326f7b..1e379755 100644 --- a/windows/winstuff.h +++ b/windows/winstuff.h @@ -587,7 +587,7 @@ void dll_hijacking_protection(void); HMODULE load_system32_dll(const char *libname); const char *win_strerror(int error); void restrict_process_acl(void); -GLOBAL bool restricted_acl; +bool restricted_acl(void); void escape_registry_key(const char *in, strbuf *out); void unescape_registry_key(const char *in, strbuf *out);