PulseAudio Marge Bot pushed to branch master at PulseAudio / pulseaudio
Commits: 39125a0f by Patrick Gaskin at 2021-05-03T11:43:10+00:00 win32: Use DACLs when setting socket permissions Part-of: <https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/merge_requests/548> - - - - - 1 changed file: - src/pulsecore/socket-server.c Changes: ===================================== src/pulsecore/socket-server.c ===================================== @@ -58,6 +58,12 @@ int deny_severity = LOG_WARNING; #include <systemd/sd-daemon.h> #endif +#ifdef HAVE_WINDOWS_H +#include <windows.h> +#include <aclapi.h> +#include <sddl.h> +#endif + #include <pulse/xmalloc.h> #include <pulse/util.h> @@ -220,6 +226,31 @@ pa_socket_server* pa_socket_server_new_unix(pa_mainloop_api *m, const char *file * inodes. */ chmod(filename, 0777); +#ifdef OS_IS_WIN32 + /* https://docs.microsoft.com/en-us/windows/win32/secauthz/ace-strings */ + /* https://docs.microsoft.com/en-us/windows/win32/secauthz/modifying-the-acls-of-an-object-in-c-- */ + /* https://docs.microsoft.com/en-us/windows/win32/api/sddl/nf-sddl-convertstringsecuritydescriptortosecuritydescriptora */ + PSECURITY_DESCRIPTOR sd; + if (ConvertStringSecurityDescriptorToSecurityDescriptorA( + "D:" /* DACL */ + "(A;;FRFW;;;WD)", /* allow all users to read/write */ + SDDL_REVISION_1, &sd, NULL + )) { + PACL acl; + BOOL acl_present, acl_default; + if (GetSecurityDescriptorDacl(sd, &acl_present, &acl, &acl_default)) { + if (SetNamedSecurityInfo(filename, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, acl, NULL) != ERROR_SUCCESS) { + pa_log_warn("Failed to set DACL for socket: failed to apply DACL: error %lu.", GetLastError()); + } + LocalFree(acl); + } else { + pa_log_warn("Failed to set DACL for socket: failed to get security descriptor DACL: error %lu.", GetLastError()); + } + } else { + pa_log_warn("Failed to set DACL for socket: failed to parse security descriptor: error %lu.", GetLastError()); + } +#endif + if (listen(fd, 5) < 0) { pa_log("listen(): %s", pa_cstrerror(errno)); goto fail; View it on GitLab: https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/commit/39125a0f2b68513139961ba61dc9b4a405b766b0 -- View it on GitLab: https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/commit/39125a0f2b68513139961ba61dc9b4a405b766b0 You're receiving this email because of your account on gitlab.freedesktop.org.
_______________________________________________ pulseaudio-commits mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/pulseaudio-commits
