- correctly deny access to handles when rights requested can't be
granted
- map generic rights correctly
- various fixes where handles with inappropriate access rights were
created
Modified: trunk/reactos/include/ddk/cmtypes.h
Modified: trunk/reactos/lib/advapi32/reg/reg.c
Modified: trunk/reactos/lib/kernel32/file/dir.c
Modified: trunk/reactos/lib/ntdll/ldr/utils.c
Modified: trunk/reactos/lib/ntdll/rtl/path.c
Modified: trunk/reactos/lib/syssetup/wizard.c
Modified: trunk/reactos/ntoskrnl/cm/ntfunc.c
Modified: trunk/reactos/ntoskrnl/cm/registry.c
Modified: trunk/reactos/ntoskrnl/io/create.c
Modified: trunk/reactos/ntoskrnl/io/device.c
Modified: trunk/reactos/ntoskrnl/io/driver.c
Modified: trunk/reactos/ntoskrnl/io/file.c
Modified: trunk/reactos/ntoskrnl/io/iomgr.c
Modified: trunk/reactos/ntoskrnl/io/vpb.c
Modified: trunk/reactos/ntoskrnl/ke/i386/exp.c
Modified: trunk/reactos/ntoskrnl/ldr/sysdll.c
Modified: trunk/reactos/ntoskrnl/ob/handle.c
Modified: trunk/reactos/ntoskrnl/ob/object.c
Modified: trunk/reactos/ntoskrnl/se/token.c
Modified: trunk/reactos/subsys/smss/initwkdll.c
Modified: trunk/reactos/subsys/system/services/database.c
Modified: trunk/reactos/subsys/system/winlogon/setup.c
_____
Modified: trunk/reactos/include/ddk/cmtypes.h
--- trunk/reactos/include/ddk/cmtypes.h 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/include/ddk/cmtypes.h 2005-03-19 19:13:01 UTC (rev
14197)
@@ -10,7 +10,10 @@
{
KeyBasicInformation,
KeyNodeInformation,
- KeyFullInformation
+ KeyFullInformation,
+ KeyNameInformation,
+ KeyCachedInformation,
+ KeyFlagsInformation
} KEY_INFORMATION_CLASS;
typedef struct _KEY_BASIC_INFORMATION
_____
Modified: trunk/reactos/lib/advapi32/reg/reg.c
--- trunk/reactos/lib/advapi32/reg/reg.c 2005-03-19 18:31:14 UTC
(rev 14196)
+++ trunk/reactos/lib/advapi32/reg/reg.c 2005-03-19 19:13:01 UTC
(rev 14197)
@@ -222,7 +222,7 @@
NULL,
NULL);
return NtOpenKey (KeyHandle,
- KEY_ALL_ACCESS,
+ MAXIMUM_ALLOWED,
&Attributes);
}
_____
Modified: trunk/reactos/lib/kernel32/file/dir.c
--- trunk/reactos/lib/kernel32/file/dir.c 2005-03-19 18:31:14 UTC
(rev 14196)
+++ trunk/reactos/lib/kernel32/file/dir.c 2005-03-19 19:13:01 UTC
(rev 14197)
@@ -221,7 +221,7 @@
DPRINT("NtPathU '%S'\n", NtPathU.Buffer);
Status = NtCreateFile (&DirectoryHandle,
- FILE_WRITE_ATTRIBUTES, /* 0x110080 */
+ DELETE,
&ObjectAttributes,
&IoStatusBlock,
NULL,
_____
Modified: trunk/reactos/lib/ntdll/ldr/utils.c
--- trunk/reactos/lib/ntdll/ldr/utils.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/lib/ntdll/ldr/utils.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -682,7 +682,7 @@
SECTION_ALL_ACCESS,
NULL,
NULL,
- PAGE_READWRITE,
+ PAGE_READONLY,
SEC_COMMIT | (MapAsDataFile ? 0 :
SEC_IMAGE),
FileHandle);
NtClose(FileHandle);
@@ -2048,7 +2048,7 @@
&ViewSize,
0,
MEM_COMMIT,
- PAGE_READWRITE);
+ PAGE_READONLY);
if (!NT_SUCCESS(Status))
{
DPRINT1("map view of section failed (Status %x)\n",
Status);
@@ -2875,10 +2875,10 @@
DPRINT ("LdrVerifyImageMatchesChecksum() called\n");
Status = NtCreateSection (&SectionHandle,
- SECTION_MAP_EXECUTE,
+ SECTION_MAP_READ,
NULL,
NULL,
- PAGE_EXECUTE,
+ PAGE_READONLY,
SEC_COMMIT,
FileHandle);
if (!NT_SUCCESS(Status))
@@ -2898,7 +2898,7 @@
&ViewSize,
ViewShare,
0,
- PAGE_EXECUTE);
+ PAGE_READONLY);
if (!NT_SUCCESS(Status))
{
DPRINT1 ("NtMapViewOfSection() failed (Status %lx)\n", Status);
_____
Modified: trunk/reactos/lib/ntdll/rtl/path.c
--- trunk/reactos/lib/ntdll/rtl/path.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/lib/ntdll/rtl/path.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -290,8 +290,8 @@
}
/* don't keep the directory handle open on removable media */
- if (!NtQueryVolumeInformationFile( handle, &iosb, &device_info,
- sizeof(device_info),
FileFsDeviceInformation ) &&
+ if (NT_SUCCESS(NtQueryVolumeInformationFile( handle, &iosb,
&device_info,
+ sizeof(device_info),
FileFsDeviceInformation )) &&
(device_info.Characteristics & FILE_REMOVABLE_MEDIA))
{
DPRINT1("don't keep the directory handle open on removable
media\n");
_____
Modified: trunk/reactos/lib/syssetup/wizard.c
--- trunk/reactos/lib/syssetup/wizard.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/lib/syssetup/wizard.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -1133,7 +1133,7 @@
*/
if(OpenProcessToken(GetCurrentProcess(),
- TOKEN_ADJUST_PRIVILEGES,
+ TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
&hToken))
{
priv.PrivilegeCount = 1;
_____
Modified: trunk/reactos/ntoskrnl/cm/ntfunc.c
--- trunk/reactos/ntoskrnl/cm/ntfunc.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/cm/ntfunc.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -460,9 +460,12 @@
PKEY_FULL_INFORMATION FullInformation;
PDATA_CELL ClassCell;
ULONG NameSize, ClassSize;
+ KPROCESSOR_MODE PreviousMode;
NTSTATUS Status;
PAGED_CODE();
+
+ PreviousMode = ExGetPreviousMode();
DPRINT("KH %x I %d KIC %x KI %x L %d RL %x\n",
KeyHandle,
@@ -476,7 +479,7 @@
Status = ObReferenceObjectByHandle(KeyHandle,
KEY_ENUMERATE_SUB_KEYS,
CmiKeyType,
- UserMode,
+ PreviousMode,
(PVOID *) &KeyObject,
NULL);
if (!NT_SUCCESS(Status))
@@ -1056,7 +1059,7 @@
/* Verify that the handle is valid and is a registry key */
Status = ObReferenceObjectByHandle(KeyHandle,
- KEY_QUERY_VALUE,
+ 0,
CmiKeyType,
PreviousMode,
(PVOID *)&KeyObject,
@@ -1218,7 +1221,7 @@
/* Verify that the handle is valid and is a registry key */
Status = ObReferenceObjectByHandle(KeyHandle,
- KEY_READ,
+ (KeyInformationClass != KeyNameInformation ?
KEY_QUERY_VALUE : 0),
CmiKeyType,
UserMode,
(PVOID *) &KeyObject,
@@ -1377,6 +1380,13 @@
}
break;
+ case KeyNameInformation:
+ case KeyCachedInformation:
+ case KeyFlagsInformation:
+ DPRINT1("Key information class 0x%x not yet implemented!\n",
KeyInformationClass);
+ Status = STATUS_NOT_IMPLEMENTED;
+ break;
+
default:
DPRINT1("Not handling 0x%x\n", KeyInformationClass);
Status = STATUS_INVALID_INFO_CLASS;
@@ -1658,14 +1668,12 @@
KeyHandle, ValueName, Type);
DesiredAccess = KEY_SET_VALUE;
- if (Type == REG_LINK)
- DesiredAccess |= KEY_CREATE_LINK;
/* Verify that the handle is valid and is a registry key */
Status = ObReferenceObjectByHandle(KeyHandle,
DesiredAccess,
CmiKeyType,
- UserMode,
+ ExGetPreviousMode(),
(PVOID *)&KeyObject,
NULL);
if (!NT_SUCCESS(Status))
_____
Modified: trunk/reactos/ntoskrnl/cm/registry.c
--- trunk/reactos/ntoskrnl/cm/registry.c 2005-03-19 18:31:14 UTC
(rev 14196)
+++ trunk/reactos/ntoskrnl/cm/registry.c 2005-03-19 19:13:01 UTC
(rev 14197)
@@ -423,7 +423,7 @@
ASSERT(NT_SUCCESS(Status));
Status = ObInsertObject(RootKey,
NULL,
- STANDARD_RIGHTS_REQUIRED,
+ KEY_ALL_ACCESS,
0,
NULL,
&RootKeyHandle);
@@ -462,7 +462,7 @@
RootKeyHandle,
NULL);
Status = ZwCreateKey(&KeyHandle,
- STANDARD_RIGHTS_REQUIRED,
+ KEY_ALL_ACCESS,
&ObjectAttributes,
0,
NULL,
@@ -479,7 +479,7 @@
RootKeyHandle,
NULL);
Status = ZwCreateKey(&KeyHandle,
- STANDARD_RIGHTS_REQUIRED,
+ KEY_ALL_ACCESS,
&ObjectAttributes,
0,
NULL,
_____
Modified: trunk/reactos/ntoskrnl/io/create.c
--- trunk/reactos/ntoskrnl/io/create.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/io/create.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -448,9 +448,6 @@
return Status;
}
- RtlMapGenericMask(&DesiredAccess,
- BODY_TO_HEADER(FileObject)->ObjectType->Mapping);
-
Status = ObInsertObject ((PVOID)FileObject,
NULL,
DesiredAccess,
_____
Modified: trunk/reactos/ntoskrnl/io/device.c
--- trunk/reactos/ntoskrnl/io/device.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/io/device.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -349,7 +349,10 @@
FILE_NON_DIRECTORY_FILE);
if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("NtOpenFile failed, Status: 0x%x\n", Status);
return Status;
+ }
Status = ObReferenceObjectByHandle(
FileHandle,
_____
Modified: trunk/reactos/ntoskrnl/io/driver.c
--- trunk/reactos/ntoskrnl/io/driver.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/io/driver.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -960,7 +960,7 @@
NULL);
Status = ZwOpenKey(&KeyHandle,
- 0x10001,
+ KEY_ENUMERATE_SUB_KEYS,
&ObjectAttributes);
if (!NT_SUCCESS(Status))
{
_____
Modified: trunk/reactos/ntoskrnl/io/file.c
--- trunk/reactos/ntoskrnl/io/file.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/io/file.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -50,7 +50,7 @@
PreviousMode = ExGetPreviousMode();
Status = ObReferenceObjectByHandle(FileHandle,
- FILE_READ_ATTRIBUTES,
+ 0, /* FIXME - access depends on
the information class! */
IoFileObjectType,
PreviousMode,
(PVOID *)&FileObject,
@@ -402,7 +402,7 @@
/* Get the file object from the file handle */
Status = ObReferenceObjectByHandle(FileHandle,
- FILE_WRITE_ATTRIBUTES,
+ 0, /* FIXME - depends on the
information class */
IoFileObjectType,
PreviousMode,
(PVOID *)&FileObject,
_____
Modified: trunk/reactos/ntoskrnl/io/iomgr.c
--- trunk/reactos/ntoskrnl/io/iomgr.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/io/iomgr.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -34,9 +34,9 @@
ULONGLONG IoOtherTransferCount = 0;
KSPIN_LOCK EXPORTED IoStatisticsLock = 0;
-static GENERIC_MAPPING IopFileMapping = {FILE_GENERIC_READ,
- FILE_GENERIC_WRITE,
- FILE_GENERIC_EXECUTE,
+static GENERIC_MAPPING IopFileMapping = {STANDARD_RIGHTS_READ |
SYNCHRONIZE | FILE_READ_DATA | FILE_READ_PROPERTIES,
+ STANDARD_RIGHTS_WRITE |
SYNCHRONIZE | FILE_WRITE_DATA | FILE_APPEND_DATA |
FILE_WRITE_PROPERTIES,
+ STANDARD_RIGHTS_EXECUTE |
SYNCHRONIZE | FILE_EXECUTE | FILE_READ_ATTRIBUTES,
FILE_ALL_ACCESS};
/* FUNCTIONS
****************************************************************/
_____
Modified: trunk/reactos/ntoskrnl/io/vpb.c
--- trunk/reactos/ntoskrnl/io/vpb.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/io/vpb.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -107,7 +107,7 @@
PreviousMode = ExGetPreviousMode();
Status = ObReferenceObjectByHandle(FileHandle,
- FILE_READ_ATTRIBUTES,
+ 0, /* FIXME - depends on the
information class! */
IoFileObjectType,
PreviousMode,
(PVOID*)&FileObject,
_____
Modified: trunk/reactos/ntoskrnl/ke/i386/exp.c
--- trunk/reactos/ntoskrnl/ke/i386/exp.c 2005-03-19 18:31:14 UTC
(rev 14196)
+++ trunk/reactos/ntoskrnl/ke/i386/exp.c 2005-03-19 19:13:01 UTC
(rev 14197)
@@ -1,9 +1,9 @@
-/*
+/*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
* FILE: ntoskrnl/ke/i386/exp.c
* PURPOSE: Handling exceptions
- *
+ *
* PROGRAMMERS: David Welch (welch(a)cwcom.net)
* Skywing (skywing(a)valhallalegends.com)
*/
@@ -120,24 +120,31 @@
MODULE_TEXT_SECTION* current;
extern LIST_ENTRY ModuleTextListHead;
ULONG_PTR RelativeAddress;
+ ULONG i = 0;
- current_entry = ModuleTextListHead.Flink;
+ do
+ {
+ current_entry = ModuleTextListHead.Flink;
- while (current_entry != &ModuleTextListHead &&
- current_entry != NULL)
- {
- current =
- CONTAINING_RECORD(current_entry, MODULE_TEXT_SECTION,
ListEntry);
+ while (current_entry != &ModuleTextListHead &&
+ current_entry != NULL)
+ {
+ current =
+ CONTAINING_RECORD(current_entry, MODULE_TEXT_SECTION,
ListEntry);
- if (address >= (PVOID)current->Base &&
- address < (PVOID)(current->Base + current->Length))
- {
- RelativeAddress = (ULONG_PTR) address - current->Base;
- DbgPrint("<%ws: %x>", current->Name, RelativeAddress);
- return(TRUE);
- }
- current_entry = current_entry->Flink;
- }
+ if (address >= (PVOID)current->Base &&
+ address < (PVOID)(current->Base + current->Length))
+ {
+ RelativeAddress = (ULONG_PTR) address - current->Base;
+ DbgPrint("<%ws: %x>", current->Name, RelativeAddress);
+ return(TRUE);
+ }
+ current_entry = current_entry->Flink;
+ }
+
+ address = (PVOID)((ULONG_PTR)address & ~0xC0000000);
+ } while(++i <= 1);
+
return(FALSE);
}
#endif /* KDBG */
@@ -511,9 +518,9 @@
if (ExceptionNr == 15)
{
- /*
+ /*
* FIXME:
- * This exception should never occur. The P6 has a bug, which
does sometimes deliver
+ * This exception should never occur. The P6 has a bug, which
does sometimes deliver
* the apic spurious interrupt as exception 15. On an
athlon64, I get one exception
* in the early boot phase in apic mode (using the smp build).
I've looked to the linux
* sources. Linux does ignore this exception.
@@ -941,7 +948,7 @@
} _SEH_HANDLE {
return(ExceptionCode);
} _SEH_END;
-
+
OldEip = Thread->TrapFrame->Eip;
Thread->TrapFrame->Eip =
(ULONG_PTR)LdrpGetSystemDllRaiseExceptionDispatcher();
return((NTSTATUS)OldEip);
@@ -972,7 +979,7 @@
/* Restore the user context */
Thread->TrapFrame = PrevTrapFrame;
__asm__("mov %%ebx, %%esp;\n" "jmp _KiServiceExit": :
"b"
(TrapFrame));
-
+
/* We never get here */
return(STATUS_SUCCESS);
}
_____
Modified: trunk/reactos/ntoskrnl/ldr/sysdll.c
--- trunk/reactos/ntoskrnl/ldr/sysdll.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/ldr/sysdll.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -144,7 +144,7 @@
SECTION_ALL_ACCESS,
NULL,
NULL,
- PAGE_READWRITE,
+ PAGE_READONLY,
SEC_IMAGE | SEC_COMMIT,
FileHandle);
if (!NT_SUCCESS(Status))
_____
Modified: trunk/reactos/ntoskrnl/ob/handle.c
--- trunk/reactos/ntoskrnl/ob/handle.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/ob/handle.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -40,6 +40,8 @@
~(EX_HANDLE_ENTRY_PROTECTFROMCLOSE | EX_HANDLE_ENTRY_INHERITABLE |
\
EX_HANDLE_ENTRY_AUDITONCLOSE)))
+#define GENERIC_ANY (GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE |
GENERIC_ALL)
+
/* FUNCTIONS
***************************************************************/
VOID
@@ -548,7 +550,19 @@
ObjectHeader = BODY_TO_HEADER(ObjectBody);
ASSERT((ULONG_PTR)ObjectHeader & EX_HANDLE_ENTRY_LOCKED);
+
+ if (GrantedAccess & MAXIMUM_ALLOWED)
+ {
+ GrantedAccess &= ~MAXIMUM_ALLOWED;
+ GrantedAccess |= GENERIC_ALL;
+ }
+ if (GrantedAccess & GENERIC_ANY)
+ {
+ RtlMapGenericMask(&GrantedAccess,
+ ObjectHeader->ObjectType->Mapping);
+ }
+
NewEntry.u1.Object = ObjectHeader;
if(Inherit)
NewEntry.u1.ObAttributes |= EX_HANDLE_ENTRY_INHERITABLE;
@@ -644,7 +658,6 @@
POBJECT_HEADER ObjectHeader;
PVOID ObjectBody;
ACCESS_MASK GrantedAccess;
- PGENERIC_MAPPING GenericMapping;
ULONG Attributes;
NTSTATUS Status;
LONG ExHandle = HANDLE_TO_EX_HANDLE(Handle);
@@ -714,6 +727,13 @@
return(STATUS_OBJECT_TYPE_MISMATCH);
}
+ /* desire as much access rights as possible */
+ if (DesiredAccess & MAXIMUM_ALLOWED)
+ {
+ DesiredAccess &= ~MAXIMUM_ALLOWED;
+ DesiredAccess |= GENERIC_ALL;
+ }
+
KeEnterCriticalRegion();
HandleEntry =
ExMapHandleToPointer(PsGetCurrentProcess()->ObjectTable,
@@ -729,48 +749,53 @@
ObjectBody = HEADER_TO_BODY(ObjectHeader);
DPRINT("locked1: ObjectHeader: 0x%x [HT:0x%x]\n", ObjectHeader,
PsGetCurrentProcess()->ObjectTable);
-
- ObReferenceObjectByPointer(ObjectBody,
- 0,
- NULL,
- UserMode);
- Attributes = HandleEntry->u1.ObAttributes &
(EX_HANDLE_ENTRY_PROTECTFROMCLOSE |
-
EX_HANDLE_ENTRY_INHERITABLE |
-
EX_HANDLE_ENTRY_AUDITONCLOSE);
- GrantedAccess = HandleEntry->u2.GrantedAccess;
- GenericMapping = ObjectHeader->ObjectType->Mapping;
-
+
if (ObjectType != NULL && ObjectType != ObjectHeader->ObjectType)
{
DPRINT("ObjectType mismatch: %wZ vs %wZ (handle 0x%x)\n",
&ObjectType->TypeName, ObjectHeader->ObjectType ?
&ObjectHeader->ObjectType->TypeName : NULL, Handle);
-
+
ExUnlockHandleTableEntry(PsGetCurrentProcess()->ObjectTable,
HandleEntry);
KeLeaveCriticalRegion();
- ObDereferenceObject(ObjectBody);
-
+
return(STATUS_OBJECT_TYPE_MISMATCH);
}
- ExUnlockHandleTableEntry(PsGetCurrentProcess()->ObjectTable,
- HandleEntry);
+ /* map the generic access masks if the caller asks for generic
access */
+ if (DesiredAccess & GENERIC_ANY)
+ {
+ RtlMapGenericMask(&DesiredAccess,
+
BODY_TO_HEADER(ObjectBody)->ObjectType->Mapping);
+ }
- KeLeaveCriticalRegion();
+ GrantedAccess = HandleEntry->u2.GrantedAccess;
- if (DesiredAccess && AccessMode != KernelMode)
+ /* Unless running as KernelMode, deny access if caller desires more
access
+ rights than the handle can grant */
+ if(AccessMode != KernelMode && (~GrantedAccess & DesiredAccess))
{
- RtlMapGenericMask(&DesiredAccess, GenericMapping);
+ ExUnlockHandleTableEntry(PsGetCurrentProcess()->ObjectTable,
+ HandleEntry);
- if (!(GrantedAccess & DesiredAccess) &&
- !((~GrantedAccess) & DesiredAccess))
- {
- ObDereferenceObject(ObjectBody);
- CHECKPOINT;
- return(STATUS_ACCESS_DENIED);
- }
+ KeLeaveCriticalRegion();
+
+ return(STATUS_ACCESS_DENIED);
}
+ ObReferenceObjectByPointer(ObjectBody,
+ 0,
+ NULL,
+ UserMode);
+ Attributes = HandleEntry->u1.ObAttributes &
(EX_HANDLE_ENTRY_PROTECTFROMCLOSE |
+
EX_HANDLE_ENTRY_INHERITABLE |
+
EX_HANDLE_ENTRY_AUDITONCLOSE);
+
+ ExUnlockHandleTableEntry(PsGetCurrentProcess()->ObjectTable,
+ HandleEntry);
+
+ KeLeaveCriticalRegion();
+
if (HandleInformation != NULL)
{
HandleInformation->HandleAttributes = Attributes;
@@ -838,9 +863,6 @@
Access = DesiredAccess;
ObjectHeader = BODY_TO_HEADER(Object);
- RtlMapGenericMask(&Access,
- ObjectHeader->ObjectType->Mapping);
-
return(ObCreateHandle(PsGetCurrentProcess(),
Object,
Access,
_____
Modified: trunk/reactos/ntoskrnl/ob/object.c
--- trunk/reactos/ntoskrnl/ob/object.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/ob/object.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -412,7 +412,7 @@
else
{
Status =
ObReferenceObjectByHandle(ObjectAttributes->RootDirectory,
- DIRECTORY_TRAVERSE,
+ 0,
NULL,
UserMode,
&CurrentObject,
_____
Modified: trunk/reactos/ntoskrnl/se/token.c
--- trunk/reactos/ntoskrnl/se/token.c 2005-03-19 18:31:14 UTC (rev
14196)
+++ trunk/reactos/ntoskrnl/se/token.c 2005-03-19 19:13:01 UTC (rev
14197)
@@ -1663,7 +1663,7 @@
// &Length);
Status = ObReferenceObjectByHandle (TokenHandle,
- TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY,
+ TOKEN_ADJUST_PRIVILEGES |
(PreviousState != NULL ? TOKEN_QUERY : 0),
SepTokenObjectType,
PreviousMode,
(PVOID*)&Token,
_____
Modified: trunk/reactos/subsys/smss/initwkdll.c
--- trunk/reactos/subsys/smss/initwkdll.c 2005-03-19 18:31:14 UTC
(rev 14196)
+++ trunk/reactos/subsys/smss/initwkdll.c 2005-03-19 19:13:01 UTC
(rev 14197)
@@ -60,7 +60,7 @@
(HANDLE)Context,
NULL);
Status = NtOpenFile(&FileHandle,
- SYNCHRONIZE | FILE_EXECUTE,
+ SYNCHRONIZE | FILE_EXECUTE | FILE_READ_DATA,
&ObjectAttributes,
&IoStatusBlock,
FILE_SHARE_READ,
_____
Modified: trunk/reactos/subsys/system/services/database.c
--- trunk/reactos/subsys/system/services/database.c 2005-03-19
18:31:14 UTC (rev 14196)
+++ trunk/reactos/subsys/system/services/database.c 2005-03-19
19:13:01 UTC (rev 14197)
@@ -327,7 +327,7 @@
NULL);
Status = RtlpNtOpenKey(&ServicesKey,
- 0x10001,
+ KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS,
&ObjectAttributes,
0);
if (!NT_SUCCESS(Status))
_____
Modified: trunk/reactos/subsys/system/winlogon/setup.c
--- trunk/reactos/subsys/system/winlogon/setup.c 2005-03-19
18:31:14 UTC (rev 14196)
+++ trunk/reactos/subsys/system/winlogon/setup.c 2005-03-19
19:13:01 UTC (rev 14197)
@@ -84,7 +84,7 @@
dwError = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
L"SYSTEM\\Setup", //TEXT("SYSTEM\\Setup"),
0,
- KEY_QUERY_VALUE,
+ KEY_SET_VALUE,
&hKey);
if (dwError != ERROR_SUCCESS)
{