Windows: Only allow the local system account to speak to the redirector
authorRod Widdowson <rdw@steadingsoftware.com>
Fri, 28 Dec 2012 14:40:40 +0000 (14:40 +0000)
committerJeffrey Altman <jaltman@your-file-system.com>
Mon, 7 Jan 2013 15:23:49 +0000 (07:23 -0800)
commit5138c07abd076e0fa90d70a175a3a822fb127ef5
tree8e26ec7c390652b871fb40e19e244c4a05c5d658
parent8e8e3c26b87d78b92d96ba91d58ee59d774ebcb5
Windows: Only allow the local system account to speak to the redirector

When we get the IOCTL_AFS_INITIALIZE_CONTROL_DEVICE IOCTL we check to
see whether the calling process is the LOCAL_SYSTEM_SID (the one that
services run at if they are not running as a specified SID).  If we
are not then the initialize fails ACCESS_DENIED.

If the debug build ONLY, setting the AFS_DBG_DISABLE_SYSTEM_SID_CHECK
bit in OpenAFSDebugFlags circumvents this check, allowing interactive
debugging.

Existing code stops two processes (or even handles) from trying to
initialize the system.

Change-Id: I2ef8ca3a0df908acba38b435178d0509e96d6114
Reviewed-on: http://gerrit.openafs.org/8842
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
src/WINNT/afsrdr/common/AFSRedirCommonDefines.h
src/WINNT/afsrdr/kernel/fs/AFSCommSupport.cpp
src/WINNT/afsrdr/kernel/fs/AFSProcessSupport.cpp
src/WINNT/afsrdr/kernel/fs/Include/AFSCommon.h