Index: sandbox/win/src/sid.cc |
diff --git a/sandbox/win/src/sid.cc b/sandbox/win/src/sid.cc |
index 261605d547b99cf303913e72943125f71991dee6..8bd817320cb3bc7e3454630bc19ea10d6d4d1a77 100644 |
--- a/sandbox/win/src/sid.cc |
+++ b/sandbox/win/src/sid.cc |
@@ -4,15 +4,20 @@ |
#include "sandbox/win/src/sid.h" |
+#include <objbase.h> |
+#include <sddl.h> |
+ |
#include "base/logging.h" |
namespace sandbox { |
-Sid::Sid(const SID *sid) { |
+Sid::Sid(const SID *sid) |
+ : unique_sub_auth_sid_(NULL) { |
forshaw
2015/02/23 13:32:29
unique_sub_auth_sid_ never actually used.
Shrikant Kelkar
2015/02/23 17:54:01
Done.
|
::CopySid(SECURITY_MAX_SID_SIZE, sid_, const_cast<SID*>(sid)); |
forshaw
2015/02/23 13:32:29
nit: Obviously the original code didn't check the
Shrikant Kelkar
2015/02/23 17:54:01
Done.
|
}; |
-Sid::Sid(WELL_KNOWN_SID_TYPE type) { |
+Sid::Sid(WELL_KNOWN_SID_TYPE type) |
+ : unique_sub_auth_sid_(NULL) { |
DWORD size_sid = SECURITY_MAX_SID_SIZE; |
BOOL result = ::CreateWellKnownSid(type, NULL, sid_, &size_sid); |
DCHECK(result); |
@@ -23,4 +28,29 @@ const SID *Sid::GetPSID() const { |
return reinterpret_cast<SID*>(const_cast<BYTE*>(sid_)); |
} |
+void Sid::GenerateUniqueSubAuthoritySid(std::wstring* unique_sid) { |
forshaw
2015/02/23 13:32:29
nit: Would it not make more sense to return the ws
Shrikant Kelkar
2015/02/23 17:54:01
Done.
|
+ SID_IDENTIFIER_AUTHORITY authority = SECURITY_APP_PACKAGE_AUTHORITY; |
+ GUID guid = { 0 }; |
+ ::CoCreateGuid(&guid); |
forshaw
2015/02/23 13:32:29
Not sure I like creating random SIDs too much, the
Shrikant Kelkar
2015/02/23 17:54:01
Yes, I see your point, will discuss with other rev
|
+ unsigned long* guid_long = reinterpret_cast<unsigned long*>(&guid); |
+ PSID sid = NULL; |
+ DWORD sub_auth = *GetSidSubAuthority(reinterpret_cast<SID*>(sid_), 0); |
+ ::AllocateAndInitializeSid(&authority, |
+ 8, |
+ sub_auth, |
+ guid_long[0], |
+ guid_long[1], |
+ guid_long[2], |
+ guid_long[3], |
+ 1, |
+ 1, |
+ 1, |
+ &sid); |
+ LPWSTR sid_string = NULL; |
+ ::ConvertSidToStringSid(sid, &sid_string); |
+ *unique_sid = sid_string; |
+ ::FreeSid(sid); |
+ ::LocalFree(sid_string); |
+} |
+ |
} // namespace sandbox |
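Review bot: In GenerateUniqueSubAuthoritySid none of the Win32 results are checked, so if `::AllocateAndInitializeSid` fails, `sid` stays NULL, `::ConvertSidToStringSid` then leaves `sid_string` NULL, and `*unique_sid = sid_string` assigns a null pointer to a std::wstring, which is undefined behaviour. A failed `::CoCreateGuid` is equally silent and would presumably leave the zero-initialised GUID in the sub-authorities, so the SID would no longer be unique; if this SID backs a sandbox isolation boundary, failure should be explicit rather than yield a predictable or empty value. `GetSidSubAuthority(..., 0)` is also read without checking the sub-authority count of `sid_`, which matters if the object can hold a SID with no sub-authorities. The sketch below clears the output and returns on each failure; how the caller is told about the failure is left to the author.

```cpp
  GUID guid = { 0 };
  if (FAILED(::CoCreateGuid(&guid))) {
    unique_sid->clear();
    return;
  }
  // … unchanged: guid_long, sid and sub_auth declarations …
  if (!::AllocateAndInitializeSid(&authority, 8, sub_auth,
                                  guid_long[0], guid_long[1],
                                  guid_long[2], guid_long[3],
                                  1, 1, 1, &sid)) {
    unique_sid->clear();
    return;
  }
  LPWSTR sid_string = NULL;
  if (::ConvertSidToStringSid(sid, &sid_string)) {
    *unique_sid = sid_string;
    ::LocalFree(sid_string);
  } else {
    unique_sid->clear();
  }
  ::FreeSid(sid);
```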