Author: dgorbachev Date: Thu Jun 25 02:23:29 2009 New Revision: 41603 URL: http://svn.reactos.org/svn/reactos?rev=41603&view=rev Log: Hack: partially undo r38510 changes to overcome regression (bug #4169). Modified: trunk/reactos/ntoskrnl/se/semgr.c Modified: trunk/reactos/ntoskrnl/se/semgr.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/semgr.c?rev=41… ============================================================================== --- trunk/reactos/ntoskrnl/se/semgr.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/se/semgr.c [iso-8859-1] Thu Jun 25 02:23:29 2009 @@ -638,7 +638,7 @@ PTOKEN Token; NTSTATUS Status; PAGED_CODE(); - + /* Check if this is kernel mode */ if (PreviousMode == KernelMode) { @@ -654,7 +654,7 @@ /* Just give the desired access */ *GrantedAccess = DesiredAccess; } - + /* Success */ *AccessStatus = STATUS_SUCCESS; return STATUS_SUCCESS; @@ -688,24 +688,32 @@ SubjectSecurityContext.ProcessAuditId = NULL; SeLockSubjectContext(&SubjectSecurityContext); + /* FIXME */ /* Now perform the access check */ - SeAccessCheck(SecurityDescriptor, - &SubjectSecurityContext, - TRUE, - DesiredAccess, - 0, - &PrivilegeSet, //FIXME - GenericMapping, - PreviousMode, - GrantedAccess, - AccessStatus); + if (SeAccessCheck(SecurityDescriptor, + &SubjectSecurityContext, + TRUE, + DesiredAccess, + 0, + &PrivilegeSet, //FIXME + GenericMapping, + PreviousMode, + GrantedAccess, + AccessStatus)) + { + Status = *AccessStatus; + } + else + { + Status = STATUS_ACCESS_DENIED; + } /* Unlock subject context and dereference the token */ SeUnlockSubjectContext(&SubjectSecurityContext); ObDereferenceObject(Token); - /* Check succeeded */ - return STATUS_SUCCESS; + /* Check succeeded? */ + return Status; }