1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
/*
*
* cygwin_util.c
*
* Author: Corinna Vinschen <vinschen@cygnus.com>
*
* Copyright (c) 2000 Corinna Vinschen <vinschen@cygnus.com>, Duisburg, Germany
* All rights reserved
*
* Created: Sat Sep 02 12:17:00 2000 cv
*
* This file contains functions for forcing opened file descriptors to
* binary mode on Windows systems.
*/
#include "config.h"
#ifdef HAVE_CYGWIN
#include <fcntl.h>
#include <io.h>
#include <stdlib.h>
#include <sys/vfs.h>
#include <windows.h>
#define is_winnt (GetVersion() < 0x80000000)
int binary_open(const char *filename, int flags, mode_t mode)
{
return open(filename, flags | O_BINARY, mode);
}
int binary_pipe(int fd[2])
{
int ret = pipe(fd);
if (!ret) {
setmode (fd[0], O_BINARY);
setmode (fd[1], O_BINARY);
}
return ret;
}
int check_nt_auth(int pwd_authenticated, uid_t uid)
{
/*
* The only authentication which is able to change the user
* context on NT systems is the password authentication. So
* we deny all requsts for changing the user context if another
* authentication method is used.
* This may change in future when a special openssh
* subauthentication package is available.
*/
if (is_winnt && !pwd_authenticated && geteuid() != uid)
return 0;
return 1;
}
int check_ntsec(const char *filename)
{
char *cygwin;
int allow_ntea = 0;
int allow_ntsec = 0;
struct statfs fsstat;
/* Windows 95/98/ME don't support file system security at all. */
if (!is_winnt)
return 0;
/* Evaluate current CYGWIN settings. */
if ((cygwin = getenv("CYGWIN")) != NULL) {
if (strstr(cygwin, "ntea") && !strstr(cygwin, "nontea"))
allow_ntea = 1;
if (strstr(cygwin, "ntsec") && !strstr(cygwin, "nontsec"))
allow_ntsec = 1;
}
/*
* `ntea' is an emulation of POSIX attributes. It doesn't support
* real file level security as ntsec on NTFS file systems does
* but it supports FAT filesystems. `ntea' is minimum requirement
* for security checks.
*/
if (allow_ntea)
return 1;
/*
* Retrieve file system flags. In Cygwin, file system flags are
* copied to f_type which has no meaning in Win32 itself.
*/
if (statfs(filename, &fsstat))
return 1;
/*
* Only file systems supporting ACLs are able to set permissions.
* `ntsec' is the setting in Cygwin which switches using of NTFS
* ACLs to support POSIX permissions on files.
*/
if (fsstat.f_type & FS_PERSISTENT_ACLS)
return allow_ntsec;
return 0;
}
#endif /* HAVE_CYGWIN */
|
