Line data    Source code

       1             : /*
       2             :  * Unix SMB/CIFS implementation.
       3             :  * Registry helper routines
       4             :  * Copyright (C) Michael Adam 2007
       5             :  * 
       6             :  * This program is free software; you can redistribute it and/or modify it
       7             :  * under the terms of the GNU General Public License as published by the Free
       8             :  * Software Foundation; either version 3 of the License, or (at your option)
       9             :  * any later version.
      10             :  * 
      11             :  * This program is distributed in the hope that it will be useful, but WITHOUT
      12             :  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
      13             :  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
      14             :  * more details.
      15             :  * 
      16             :  * You should have received a copy of the GNU General Public License along with
      17             :  * this program; if not, see <http://www.gnu.org/licenses/>.
      18             :  */
      19             : 
      20             : #include "includes.h"
      21             : #include "reg_util_token.h"
      22             : #include "../libcli/security/security.h"
      23             : 
      24             : /*
      25             :  * create a fake token just with enough rights to
      26             :  * locally access the registry:
      27             :  *
      28             :  * - builtin administrators sid
      29             :  * - disk operators privilege
      30             :  */
      31        1444 : NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx,
      32             :                                      struct security_token **ptoken)
      33             : {
      34          23 :         NTSTATUS status;
      35        1444 :         struct security_token *token = NULL;
      36             : 
      37        1444 :         if (ptoken == NULL) {
      38           0 :                 return NT_STATUS_INVALID_PARAMETER;
      39             :         }
      40             : 
      41        1444 :         token = talloc_zero(mem_ctx, struct security_token);
      42        1444 :         if (token == NULL) {
      43           0 :                 DEBUG(1, ("talloc failed\n"));
      44           0 :                 status = NT_STATUS_NO_MEMORY;
      45           0 :                 goto done;
      46             :         }
      47        1444 :         security_token_set_privilege(token, SEC_PRIV_DISK_OPERATOR);
      48             : 
      49        1444 :         status = add_sid_to_array(token, &global_sid_Builtin_Administrators,
      50             :                                   &token->sids, &token->num_sids);
      51        1444 :         if (!NT_STATUS_IS_OK(status)) {
      52           0 :                 DEBUG(1, ("Error adding builtin administrators sid "
      53             :                           "to fake token.\n"));
      54           0 :                 goto done;
      55             :         }
      56             : 
      57        1444 :         *ptoken = token;
      58             : 
      59        1444 : done:
      60        1444 :         return status;
      61             : }