/*
* Copyright (C) 2000-2002, 2004, 2007, 2013, 2016, 2017 Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: fsaccess.c,v 1.15 2007/06/19 23:47:19 tbox Exp $ */
/*
* Note that Win32 does not have the concept of files having access
* and ownership bits. The FAT File system only has a readonly flag
* for everyone and that's all. NTFS uses ACL's which is a totally
* different concept of controlling access.
*
* This code needs to be revisited to set up proper access control for
* NTFS file systems. Nothing can be done for FAT file systems.
*/
#include <config.h>
#include <aclapi.h>
#include <io.h>
#include <errno.h>
#include "errno2result.h"
/*
*/
#include "../fsaccess.c"
/* Store the user account name locally */
/*
* In order to set or retrieve access information, we need to obtain
* the File System type. These could be UNC-type shares.
*/
char *machinename;
char *sharename;
sizeof(filename)) != ISC_R_SUCCESS) {
return (FALSE);
}
/*
* Look for c:\path\... style, c:/path/... or \\computer\shar\path...
* the UNC style file specs
*/
/* Copy 'c:\' or 'c:/' and NUL terminate. */
/* Find the machine and share name and rebuild the UNC */
} else /* Not determinable */
return (FALSE);
sizeof(FSType));
return (TRUE);
else
return (FALSE);
}
/*
* If it's not NTFS, we assume that it is FAT and proceed
* with almost nothing to do. Only the write flag can be set or
* cleared.
*/
int mode;
/*
* Done with checking bad bits. Set mode_t.
*/
mode = 0;
}
SET_AND_CLEAR1(user); \
SET_AND_CLEAR1(group); \
return (isc__errno2result(errno));
return (ISC_R_SUCCESS);
}
int caccess;
/* Initialize an ACL */
return (ISC_R_NOPERM);
return (ISC_R_NOPERM);
&domainBufferSize, &snu))
return (ISC_R_NOPERM);
domainBufferSize = sizeof(domainBuffer);
(void)GetLastError();
return (ISC_R_NOPERM);
}
domainBufferSize = sizeof(domainBuffer);
(void)GetLastError();
return (ISC_R_NOPERM);
}
/* Owner check */
NTFSbits = 0;
if (caccess & ISC_FSACCESS_READ)
if (caccess & ISC_FSACCESS_WRITE)
if (caccess & ISC_FSACCESS_EXECUTE)
/* For directories check the directory-specific bits */
if (caccess & ISC_FSACCESS_CREATECHILD)
if (caccess & ISC_FSACCESS_DELETECHILD)
if (caccess & ISC_FSACCESS_ACCESSCHILD)
}
/*
* Owner and Administrator also get STANDARD_RIGHTS_ALL
* to ensure that they have full control
*/
/* Add the ACE to the ACL */
return (ISC_R_NOPERM);
return (ISC_R_NOPERM);
/*
* Group is ignored since we can be in multiple groups or no group
* and its meaning is not clear on Win32
*/
/*
* Other check. We translate this to be the same as Everyone
*/
NTFSbits = 0;
if (caccess & ISC_FSACCESS_READ)
if (caccess & ISC_FSACCESS_WRITE)
if (caccess & ISC_FSACCESS_EXECUTE)
/* For directories check the directory-specific bits */
if (caccess & ISC_FSACCESS_CREATECHILD)
if (caccess & ISC_FSACCESS_DELETECHILD)
if (caccess & ISC_FSACCESS_ACCESSCHILD)
}
/* Add the ACE to the ACL */
return (ISC_R_NOPERM);
return (ISC_R_NOPERM);
return (ISC_R_NOPERM);
}
return(ISC_R_SUCCESS);
}
/*
* For NTFS we first need to get the name of the account under
* which BIND is running
*/
if (namelen == 0) {
return (ISC_R_FAILURE);
}
}
return (isc__errno2result(errno));
return (ISC_R_INVALIDFILE);
if (result != ISC_R_SUCCESS)
return (result);
/*
* Determine if this is a FAT or NTFS disk and
* call the appropriate function to set the permissions
*/
else
}
/*
* Determine if this is a FAT or NTFS disk and
* call the appropriate function to set the ownership
* FAT disks do not have ownership attributes so it's
* a noop.
*/
return (ISC_R_SUCCESS);
return (ISC_R_NOPERM);
&domainBufferSize, &snu))
return (ISC_R_NOPERM);
/* Make sure administrators can get to it */
domainBufferSize = sizeof(domainBuffer);
return (ISC_R_NOPERM);
return (ISC_R_NOPERM);
return (ISC_R_NOPERM);
if (!SetFileSecurity(filename,
&psd))
return (ISC_R_NOPERM);
return (ISC_R_SUCCESS);
}