Author: ekohl Date: Mon Jun 27 22:35:54 2016 New Revision: 71686 URL: http://svn.reactos.org/svn/reactos?rev=71686&view=rev Log: [SERVICES] RSetServiceObjectSecurity: Modify and store a service security descriptor. Modified: trunk/reactos/base/system/services/rpcserver.c Modified: trunk/reactos/base/system/services/rpcserver.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/system/services/rpcse… ============================================================================== --- trunk/reactos/base/system/services/rpcserver.c [iso-8859-1] (original) +++ trunk/reactos/base/system/services/rpcserver.c [iso-8859-1] Mon Jun 27 22:35:54 2016 @@ -1441,9 +1441,10 @@ PSERVICE_HANDLE hSvc; PSERVICE lpService; ULONG DesiredAccess = 0; - /* HANDLE hToken = NULL; */ - HKEY hServiceKey; - /* NTSTATUS Status; */ + HANDLE hToken = NULL; + HKEY hServiceKey = NULL; + BOOL bDatabaseLocked = FALSE; + NTSTATUS Status; DWORD dwError; DPRINT("RSetServiceObjectSecurity() called\n"); @@ -1483,14 +1484,14 @@ if (!RtlAreAllAccessesGranted(hSvc->Handle.DesiredAccess, DesiredAccess)) { - DPRINT("Insufficient access rights! 0x%lx\n", hSvc->Handle.DesiredAccess); + DPRINT1("Insufficient access rights! 0x%lx\n", hSvc->Handle.DesiredAccess); return ERROR_ACCESS_DENIED; } lpService = hSvc->ServiceEntry; if (lpService == NULL) { - DPRINT("lpService == NULL!\n"); + DPRINT1("lpService == NULL!\n"); return ERROR_INVALID_HANDLE; } @@ -1510,13 +1511,10 @@ RpcRevertToSelf(); #endif - /* Lock the service database exclusive */ - ScmLockDatabaseExclusive(); - -#if 0 + /* Build the new security descriptor */ Status = RtlSetSecurityObject(dwSecurityInformation, (PSECURITY_DESCRIPTOR)lpSecurityDescriptor, - &lpService->lpSecurityDescriptor, + &lpService->pSecurityDescriptor, &ScmServiceMapping, hToken); if (!NT_SUCCESS(Status)) @@ -1524,31 +1522,34 @@ dwError = RtlNtStatusToDosError(Status); goto Done; } -#endif - + + /* Lock the service database exclusive */ + ScmLockDatabaseExclusive(); + bDatabaseLocked = TRUE; + + /* Open the service key */ dwError = ScmOpenServiceKey(lpService->lpServiceName, READ_CONTROL | KEY_CREATE_SUB_KEY | KEY_SET_VALUE, &hServiceKey); if (dwError != ERROR_SUCCESS) goto Done; - UNIMPLEMENTED; - dwError = ERROR_SUCCESS; -// dwError = ScmWriteSecurityDescriptor(hServiceKey, -// lpService->lpSecurityDescriptor); + /* Store the new security descriptor */ + dwError = ScmWriteSecurityDescriptor(hServiceKey, + lpService->pSecurityDescriptor); RegFlushKey(hServiceKey); - RegCloseKey(hServiceKey); Done: - -#if 0 + if (hServiceKey != NULL) + RegCloseKey(hServiceKey); + + /* Unlock service database */ + if (bDatabaseLocked == TRUE) + ScmUnlockDatabase(); + if (hToken != NULL) NtClose(hToken); -#endif - - /* Unlock service database */ - ScmUnlockDatabase(); DPRINT("RSetServiceObjectSecurity() done (Error %lu)\n", dwError);