// helper used by CreateCryptProv
HRESULT
IsServiceAccount(
    OUT BOOL    * pfMember)
{
    HRESULT hr = S_OK;
    BOOL    fMember = FALSE;

    hr = IsMemberOf(WinLocalServiceSid, NULL, &fMember);
    if (FAILED(hr) || fMember)
    {
        goto Cleanup;
    }

    hr = IsMemberOf(WinLocalSystemSid, NULL, &fMember);
    if (FAILED(hr) || fMember)
    {
        goto Cleanup;
    }

    hr = IsMemberOf(WinNetworkServiceSid, NULL, &fMember);
    if (FAILED(hr) || fMember)
    {
        goto Cleanup;
    }

Cleanup:

    *pfMember = fMember;
    return hr;
}
예제 #2
0
파일: cred.cpp 프로젝트: monsterzz/porto
bool TCred::IsMemberOf(std::string groupname) const {
    gid_t gid;

    if (GroupId(groupname, gid))
        return false;

    return IsMemberOf(gid);
}
예제 #3
0
파일: cred.cpp 프로젝트: monsterzz/porto
/* Returns true for priveleged or if uid/gid intersects */
bool TCred::IsPermitted(const TCred &requirement) const {

    if (Uid == requirement.Uid)
        return true;

    if (IsRootUser())
        return true;

    if (IsMemberOf(requirement.Gid))
        return true;

    for (auto gid: requirement.Groups)
        if (IsMemberOf(gid))
            return true;

    return false;
}
예제 #4
0
파일: mono-security.c 프로젝트: LevNNN/mono
gboolean
ves_icall_System_Security_Principal_WindowsPrincipal_IsMemberOfGroupName (gpointer user, MonoString *group)
{
    gboolean result = FALSE;

#ifdef HOST_WIN32

    MONO_ARCH_SAVE_REGS;

    /* Windows version use a cache built using WindowsIdentity._GetRoles */
    g_warning ("IsMemberOfGroupName should never be called on Win32");

#else /* HOST_WIN32 */
    gchar *utf8_groupname;

    MONO_ARCH_SAVE_REGS;

    utf8_groupname = mono_unicode_to_external (mono_string_chars (group));
    if (utf8_groupname) {
        struct group *g = NULL;
#ifdef HAVE_GETGRNAM_R
        struct group grp;
        gchar *fbuf;
        gint32 retval;
#ifdef _SC_GETGR_R_SIZE_MAX
        size_t fbufsize = mono_sysconf (_SC_GETGR_R_SIZE_MAX);
#else
        size_t fbufsize = MONO_SYSCONF_DEFAULT_SIZE;
#endif
        fbuf = g_malloc0 (fbufsize);
        retval = getgrnam_r (utf8_groupname, &grp, fbuf, fbufsize, &g);
        result = ((retval == 0) && (g == &grp));
#else
        /* default to non thread-safe but posix compliant function */
        g = getgrnam (utf8_groupname);
        result = (g != NULL);
#endif

        if (result) {
            result = IsMemberOf ((uid_t) GPOINTER_TO_INT (user), g);
        }

#ifdef HAVE_GETGRNAM_R
        g_free (fbuf);
#endif
        g_free (utf8_groupname);
    }
#endif /* HOST_WIN32 */

    return result;
}
예제 #5
0
파일: mono-security.c 프로젝트: LevNNN/mono
gboolean
ves_icall_System_Security_Principal_WindowsPrincipal_IsMemberOfGroupId (gpointer user, gpointer group)
{
    gboolean result = FALSE;

#ifdef HOST_WIN32
    MONO_ARCH_SAVE_REGS;

    /* The convertion from an ID to a string is done in managed code for Windows */
    g_warning ("IsMemberOfGroupId should never be called on Win32");

#else /* HOST_WIN32 */

#ifdef HAVE_GETGRGID_R
    struct group grp;
    size_t fbufsize;
    gchar *fbuf;
    gint32 retval;
#endif
    struct group *g = NULL;

    MONO_ARCH_SAVE_REGS;

#ifdef HAVE_GETGRGID_R
#ifdef _SC_GETGR_R_SIZE_MAX
    fbufsize = mono_sysconf (_SC_GETGR_R_SIZE_MAX);
#else
    fbufsize = MONO_SYSCONF_DEFAULT_SIZE;
#endif
    fbuf = g_malloc0 (fbufsize);
    retval = getgrgid_r ((gid_t) GPOINTER_TO_INT (group), &grp, fbuf, fbufsize, &g);
    result = ((retval == 0) && (g == &grp));
#else
    /* default to non thread-safe but posix compliant function */
    g = getgrgid ((gid_t) GPOINTER_TO_INT (group));
    result = (g != NULL);
#endif

    if (result) {
        result = IsMemberOf ((uid_t) GPOINTER_TO_INT (user), g);
    }

#ifdef HAVE_GETGRGID_R
    g_free (fbuf);
#endif

#endif /* HOST_WIN32 */

    return result;
}
예제 #6
0
MonoBoolean
ves_icall_System_Security_Principal_WindowsPrincipal_IsMemberOfGroupId (gpointer user, gpointer group, MonoError *error)
{
	gboolean result = FALSE;

#ifdef HAVE_GRP_H

#ifdef HAVE_GETGRGID_R
	struct group grp;
	size_t fbufsize;
	gchar *fbuf;
	gint32 retval;
#endif
	struct group *g = NULL;

#ifdef HAVE_GETGRGID_R
#ifdef _SC_GETGR_R_SIZE_MAX
 	fbufsize = mono_sysconf (_SC_GETGR_R_SIZE_MAX);
#else
	fbufsize = MONO_SYSCONF_DEFAULT_SIZE;
#endif
	fbuf = (gchar *)g_malloc0 (fbufsize);
	retval = getgrgid_r ((gid_t) GPOINTER_TO_INT (group), &grp, fbuf, fbufsize, &g);
	result = ((retval == 0) && (g == &grp));
#else
	/* default to non thread-safe but posix compliant function */
	g = getgrgid ((gid_t) GPOINTER_TO_INT (group));
	result = (g != NULL);
#endif

	if (result)
		result = IsMemberOf ((uid_t) GPOINTER_TO_INT (user), g);

#ifdef HAVE_GETGRGID_R
	g_free (fbuf);
#endif

#endif /* HAVE_GRP_H */

	return result;
}
예제 #7
0
파일: cred.cpp 프로젝트: monsterzz/porto
bool TCred::IsPortoUser() const {
    return IsRootUser() || IsMemberOf(PortoGroup);
}