19 Sep
2012
19 Sep
'12
3:33 p.m.
Author: ekohl
Date: Wed Sep 19 15:33:48 2012
New Revision: 57340
URL: http://svn.reactos.org/svn/reactos?rev=57340&view=rev
Log:
[LSASRV]
LsarQueryInfromationPolicy: Check desired access depending on the information class.
Modified:
trunk/reactos/dll/win32/lsasrv/lsarpc.c
Modified: trunk/reactos/dll/win32/lsasrv/lsarpc.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsarpc.c?…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] Wed Sep 19 15:33:48 2012
@@ -188,6 +188,7 @@
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PLSA_DB_OBJECT DbObject;
+ ACCESS_MASK DesiredAccess = 0;
NTSTATUS Status;
TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
@@ -198,9 +199,34 @@
TRACE("*PolicyInformation %p\n", *PolicyInformation);
}
+ switch (InformationClass)
+ {
+ case PolicyAuditLogInformation:
+ case PolicyAuditEventsInformation:
+ case PolicyAuditFullQueryInformation:
+ DesiredAccess = POLICY_VIEW_AUDIT_INFORMATION;
+ break;
+
+ case PolicyPrimaryDomainInformation:
+ case PolicyAccountDomainInformation:
+ case PolicyLsaServerRoleInformation:
+ case PolicyReplicaSourceInformation:
+ case PolicyDefaultQuotaInformation:
+ DesiredAccess = POLICY_VIEW_LOCAL_INFORMATION;
+ break;
+
+ case PolicyPdAccountInformation:
+ DesiredAccess = POLICY_GET_PRIVATE_INFORMATION;
+ break;
+
+ default:
+ ERR("Invalid InformationClass!\n");
+ return STATUS_INVALID_PARAMETER;
+ }
+
Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject,
- 0, /* FIXME */
+ DesiredAccess,
&DbObject);
if (!NT_SUCCESS(Status))
return Status;
@@ -236,7 +262,7 @@
case PolicyAuditFullSetInformation:
case PolicyAuditFullQueryInformation:
case PolicyEfsInformation:
- FIXME("category not implemented\n");
+ FIXME("Information class not implemented\n");
Status = STATUS_UNSUCCESSFUL;
break;
}