2020-09-30 16:53:55 +02:00

601 lines
17 KiB
C++

//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1992 - 1996.
//
// File: desktop.cxx
//
// Contents: Creation/initialization of the Scheduling Agent windowstation
// and its desktop, "SAWinSta\SADesktop". This windowstation
// needs to exist to run tasks when no user is logged on, or the
// logged on user is different than the task-specific account.
//
// Classes: None.
//
// Functions: None.
//
// History: 26-Jun-96 MarkBl Created
//
//----------------------------------------------------------------------------
#include "..\pch\headers.hxx"
#pragma hdrstop
#include "debug.hxx"
#include "..\inc\security.hxx"
#define SA_WINDOW_STATION L"SAWinSta"
#define SA_DESKTOP L"SADesktop"
//
// Define all access to windows objects
//
// From windows\gina\winlogon\secutil.c
//
#define DESKTOP_ALL (DESKTOP_READOBJECTS | DESKTOP_CREATEWINDOW | \
DESKTOP_CREATEMENU | DESKTOP_HOOKCONTROL | \
DESKTOP_JOURNALRECORD | DESKTOP_JOURNALPLAYBACK | \
DESKTOP_ENUMERATE | DESKTOP_WRITEOBJECTS | \
DESKTOP_SWITCHDESKTOP | STANDARD_RIGHTS_REQUIRED)
#define WINSTA_ALL (WINSTA_ENUMDESKTOPS | WINSTA_READATTRIBUTES | \
WINSTA_ACCESSCLIPBOARD | WINSTA_CREATEDESKTOP | \
WINSTA_WRITEATTRIBUTES | WINSTA_ACCESSGLOBALATOMS | \
WINSTA_EXITWINDOWS | WINSTA_ENUMERATE | \
WINSTA_READSCREEN | \
STANDARD_RIGHTS_REQUIRED)
#define WINSTA_ATOMS (WINSTA_ACCESSGLOBALATOMS | \
WINSTA_ACCESSCLIPBOARD )
HDESK CreateSADesktop(HWINSTA hWinSta);
HWINSTA CreateSAWindowStation(void);
PSID GetProcessSid(void);
BOOL InitializeSAWindow(void);
BOOL SetSADesktopSecurity(
HDESK hDesktop,
PSID pSchedAgentSid,
PSID pBatchSid);
BOOL SetSAWindowStationSecurity(
HWINSTA hWinSta,
PSID pSchedAgentSid,
PSID pBatchSid);
void UninitializeSAWindow(void);
// Globals used in this module exclusively.
// Initialized in InitializeSAWindow, closed in UnitializeSAWindow.
//
HWINSTA ghSAWinsta = NULL; // Handle to window station, "SAWinSta".
HDESK ghSADesktop = NULL; // Handle to desktop, "SADesktop"
//+---------------------------------------------------------------------------
//
// Function: InitializeSAWindow
//
// Synopsis: Create and set security info on the windowstation\desktop,
// "SAWinSta\SADesktop". This desktop exists for tasks which
// run under an account different than the currently logged
// on user, or when no user is logged on. Note, these tasks will
// never appear on the interactive desktop.
//
// Arguments: None.
//
// Returns: TRUE -- Everything succeeded.
// FALSE -- Encountered an error.
//
// Notes: None.
//
//----------------------------------------------------------------------------
BOOL
InitializeSAWindow(void)
{
BOOL fRet = TRUE;
PSID pBatchSid;
PSID pSchedAgentSid;
HWINSTA hWinSta = NULL;
HWINSTA hServiceWinSta = NULL;
HDESK hDesktop = NULL;
BOOL fChangedWinSta = FALSE;
//
// Retrieve local system and batch account SIDs.
//
SID_IDENTIFIER_AUTHORITY SidAuth = SECURITY_NT_AUTHORITY;
if (!AllocateAndInitializeSid(&SidAuth,
1,
SECURITY_BATCH_RID,
0, 0, 0, 0, 0, 0, 0,
&pBatchSid))
{
schDebugOut((DEB_ERROR,
"InitializeSAWindow, AllocateAndInitializeSid failed, " \
"status = 0x%lx\n",
GetLastError()));
return(FALSE);
}
if ((pSchedAgentSid = GetProcessSid()) == NULL)
{
fRet = FALSE;
goto CleanExit;
}
//
// Get current service window station.
//
hServiceWinSta = GetProcessWindowStation();
if (hServiceWinSta == NULL) {
fRet = FALSE;
goto CleanExit;
}
//
// Create the window station & desktop.
//
if ((hWinSta = CreateSAWindowStation()) == NULL)
{
fRet = FALSE;
goto CleanExit;
}
if (!SetProcessWindowStation(hWinSta))
{
schDebugOut((DEB_ERROR,
"InitializeSAWindow, SetProcessWindowStation failed, " \
"status = 0x%lx\n",
GetLastError()));
fRet = FALSE;
goto CleanExit;
}
fChangedWinSta = TRUE;
if ((hDesktop = CreateSADesktop(hWinSta)) == NULL)
{
fRet = FALSE;
goto CleanExit;
}
//
// Set security on the window station & desktop.
//
if (!SetSAWindowStationSecurity(hWinSta, pSchedAgentSid, pBatchSid))
{
fRet = FALSE;
goto CleanExit;
}
if (!SetSADesktopSecurity(hDesktop, pSchedAgentSid, pBatchSid))
{
fRet = FALSE;
goto CleanExit;
}
CleanExit:
//
// If we have changed the window station, switch back to service window
// station.
//
if (fChangedWinSta) {
schAssert(hServiceWinSta);
if (!SetProcessWindowStation(hServiceWinSta))
{
schDebugOut((DEB_ERROR,
"InitializeSAWindow, SetProcessWindowStation failed, status = 0x%lx\n",
GetLastError()));
fRet = FALSE;
}
}
if (pBatchSid != NULL) FreeSid(pBatchSid);
if (pSchedAgentSid != NULL) LocalFree(pSchedAgentSid);
if (fRet)
{
ghSAWinsta = hWinSta;
ghSADesktop = hDesktop;
}
else
{
if (hWinSta != NULL) CloseHandle(hWinSta);
if (hDesktop != NULL) CloseHandle(hDesktop);
//
// even though the initial NULL values should still be untouched,
// we'll be extra paranoid here and pretend that gremlins may have fiddled with them
//
ghSAWinsta = NULL;
ghSADesktop = NULL;
}
return(fRet);
}
//+---------------------------------------------------------------------------
//
// Function: UninitializeSAWindow
//
// Synopsis: Close the global window station & desktop handles.
//
// Arguments: None.
//
// Returns: None.
//
// Notes: None.
//
//----------------------------------------------------------------------------
void
UninitializeSAWindow(void)
{
if (ghSADesktop != NULL)
{
CloseDesktop(ghSADesktop);
ghSADesktop = NULL;
}
if (ghSAWinsta != NULL)
{
CloseWindowStation(ghSAWinsta);
ghSAWinsta = NULL;
}
}
//+---------------------------------------------------------------------------
//
// Function: GetProcessSid
//
// Synopsis: Obtain the SID of this process.
//
// Arguments: None.
//
// Returns: This process' sid.
// NULL on failure.
//
// Notes: None.
//
//----------------------------------------------------------------------------
PSID
GetProcessSid(void)
{
PSECURITY_DESCRIPTOR psdProcessSD = NULL;
PSID pProcessSid = NULL;
PSID pProcessSidTmp;
DWORD cbSize;
HANDLE hProcess;
BOOL fOwnerDefaulted;
hProcess = GetCurrentProcess();
if (hProcess == NULL)
{
schDebugOut((DEB_ERROR,
"GetProcessSid, GetCurrentProcess failed, status = 0x%lx\n",
GetLastError()));
return(NULL);
}
//
// Retrieve the buffer size necessary to retrieve this process' SD.
//
if (!GetKernelObjectSecurity(hProcess,
OWNER_SECURITY_INFORMATION,
NULL,
0,
&cbSize) &&
GetLastError() == ERROR_INSUFFICIENT_BUFFER)
{
psdProcessSD = LocalAlloc(LMEM_FIXED, cbSize);
if (psdProcessSD == NULL)
{
schDebugOut((DEB_ERROR,
"GetProcessSid, process security descriptor allocation " \
"failure\n"));
return(NULL);
}
//
// Actually retrieve this process' SD.
//
if (!GetKernelObjectSecurity(hProcess,
OWNER_SECURITY_INFORMATION,
psdProcessSD,
cbSize,
&cbSize))
{
schDebugOut((DEB_ERROR,
"GetProcessSid, GetKernelObjectSecurity failed, " \
"status = 0x%lx\n",
GetLastError()));
goto ErrorExit;
}
}
else
{
schAssert(0 && "GetKernelObjectSecurity() succeeded!");
return(NULL);
}
//
// Retrieve the owner SID from the SD.
//
if (!GetSecurityDescriptorOwner(psdProcessSD,
&pProcessSidTmp,
&fOwnerDefaulted))
{
schDebugOut((DEB_ERROR,
"GetProcessSid, GetSecurityDescriptorOwner failed, " \
"status = 0x%lx\n",
GetLastError()));
goto ErrorExit;
}
//
// An unnecessary check, maybe, but safe.
//
if (!IsValidSid(pProcessSidTmp))
{
schDebugOut((DEB_ERROR,
"GetProcessSid, IsValidSid failed, status = 0x%lx\n",
GetLastError()));
goto ErrorExit;
}
//
// Make a copy of the SID since that returned from GetSecuritySD refers
// within the security descriptor allocated above.
//
cbSize = GetLengthSid(pProcessSidTmp);
pProcessSid = LocalAlloc(LMEM_FIXED, cbSize);
if (pProcessSid == NULL)
{
schDebugOut((DEB_ERROR,
"GetProcessSid, process SID allocation failure\n"));
goto ErrorExit;
}
if (!CopySid(cbSize, pProcessSid, pProcessSidTmp))
{
LocalFree(pProcessSid);
pProcessSid = NULL;
schDebugOut((DEB_ERROR,
"GetProcessSid, CopySid failed, status = 0x%lx\n",
GetLastError()));
}
ErrorExit:
if (psdProcessSD != NULL) LocalFree(psdProcessSD);
return(pProcessSid);
}
//+---------------------------------------------------------------------------
//
// Function: CreateSAWindowStation
//
// Synopsis: Create the window station named "SAWinSta".
//
// Arguments: None.
//
// Returns: Window station handle on success.
// NULL on failure.
//
// Notes: None.
//
//----------------------------------------------------------------------------
HWINSTA
CreateSAWindowStation(void)
{
HWINSTA hWinSta;
if ((hWinSta = CreateWindowStation(SA_WINDOW_STATION,
NULL,
MAXIMUM_ALLOWED,
NULL)) == NULL)
{
schDebugOut((DEB_ERROR,
"CreateSAWindowStation, CreateWindowStation failed, " \
"status = 0x%lx\n",
GetLastError()));
return(NULL);
}
return(hWinSta);
}
//+---------------------------------------------------------------------------
//
// Function: CreateSADesktop
//
// Synopsis: Create the desktop, "SADesktop", on the window station
// indicated.
//
// Arguments: [hWinSta] -- Window station.
//
// Returns: Desktop handle on success.
// NULL on failure.
//
// Notes: None.
//
//----------------------------------------------------------------------------
HDESK
CreateSADesktop(HWINSTA hWinSta)
{
HDESK hDesktop;
if ((hDesktop = CreateDesktop(SA_DESKTOP,
NULL,
NULL,
0,
MAXIMUM_ALLOWED,
NULL)) == NULL)
{
schDebugOut((DEB_ERROR,
"CreateSADesktop, CreateDesktop failed, status = 0x%lx\n",
GetLastError()));
return(NULL);
}
return(hDesktop);
}
//+---------------------------------------------------------------------------
//
// Function: SetSAWindowStationSecurity
//
// Synopsis: Set permissions on the scheduling agent window station for
// this process and batch users.
//
// Arguments: [hWinSta] -- Window station.
// [pSchedAgentSid] -- Scheduling Agent process SID.
// [pBatchSid] -- Batch SID.
//
// Returns: TRUE -- Function succeeded,
// FALSE -- Otherwise.
//
// Notes: None.
//
//----------------------------------------------------------------------------
BOOL
SetSAWindowStationSecurity(
HWINSTA hWinSta,
PSID pSchedAgentSid,
PSID pBatchSid)
{
#define WS_ACE_COUNT 4
PACCESS_ALLOWED_ACE rgAce[WS_ACE_COUNT] = {
NULL, NULL, NULL, NULL }; // Supply this to CreateSD so we
// don't have to allocate memory.
MYACE rgMyAce[WS_ACE_COUNT] = {
{ WINSTA_ALL, // Acess mask.
NO_PROPAGATE_INHERIT_ACE, // Inherit flags.
pSchedAgentSid }, // SID.
{ GENERIC_ALL,
OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE,
pSchedAgentSid },
{ WINSTA_ALL & ~(DELETE | WRITE_DAC | WRITE_OWNER), // need to leave READ_CONTROL in this or jobs can't run
NO_PROPAGATE_INHERIT_ACE,
pBatchSid },
{ GENERIC_READ | GENERIC_EXECUTE,
INHERIT_ONLY_ACE,
pBatchSid }
};
schAssert(WS_ACE_COUNT == (sizeof(rgAce)/sizeof(PACCESS_ALLOWED_ACE)) &&
WS_ACE_COUNT == (sizeof(rgMyAce) / sizeof(MYACE)));
PSECURITY_DESCRIPTOR pSecurityDescriptor;
SECURITY_INFORMATION si;
DWORD Status = 0;
if ((pSecurityDescriptor = CreateSecurityDescriptor(WS_ACE_COUNT,
rgMyAce,
rgAce)) == NULL)
{
return(FALSE);
}
si = DACL_SECURITY_INFORMATION;
if (!SetUserObjectSecurity(hWinSta, &si, pSecurityDescriptor))
{
Status = GetLastError();
}
DeleteSecurityDescriptor(pSecurityDescriptor);
if (Status)
{
schDebugOut((DEB_ERROR,
"SetSASetWindowStationSecurity, SetUserObjectSecurity failed, " \
"status = 0x%lx\n",
Status));
return(FALSE);
}
return(TRUE);
}
//+---------------------------------------------------------------------------
//
// Function: SetSADesktopSecurity
//
// Synopsis: Set permissions on the scheduling agent desktop for this
// process and batch users.
//
// Arguments: [hDesktop] -- Desktop.
// [pSchedAgentSid] -- Scheduling Agent process SID.
// [pBatchSid] -- Batch SID.
//
// Returns: TRUE -- Function succeeded,
// FALSE -- Otherwise.
//
// Notes: None.
//
//----------------------------------------------------------------------------
BOOL
SetSADesktopSecurity(
HDESK hDesktop,
PSID pSchedAgentSid,
PSID pBatchSid)
{
#define DT_ACE_COUNT 2
PACCESS_ALLOWED_ACE rgAce[DT_ACE_COUNT] = {
NULL, NULL }; // Supply this to CreateSD so we
// don't have to allocate memory.
MYACE rgMyAce[DT_ACE_COUNT] = {
{ DESKTOP_ALL, // Acess mask.
0, // Inherit flags.
pSchedAgentSid }, // SID.
{ DESKTOP_ALL & ~STANDARD_RIGHTS_REQUIRED,
0,
pBatchSid }
};
schAssert(DT_ACE_COUNT == (sizeof(rgAce)/sizeof(PACCESS_ALLOWED_ACE)) &&
DT_ACE_COUNT == (sizeof(rgMyAce) / sizeof(MYACE)));
PSECURITY_DESCRIPTOR pSecurityDescriptor;
SECURITY_INFORMATION si;
DWORD Status = 0;
if ((pSecurityDescriptor = CreateSecurityDescriptor(DT_ACE_COUNT,
rgMyAce,
rgAce)) == NULL)
{
return(FALSE);
}
si = DACL_SECURITY_INFORMATION;
if (!SetUserObjectSecurity(hDesktop, &si, pSecurityDescriptor))
{
Status = GetLastError();
}
DeleteSecurityDescriptor(pSecurityDescriptor);
if (Status)
{
schDebugOut((DEB_ERROR,
"SetSADesktopSecurity, SetUserObjectSecurity failed, " \
"status = 0x%lx\n",
Status));
return(FALSE);
}
return(TRUE);
}