diff options
| author | Steve Dower <steve.dower@python.org> | 2024-01-16 16:40:02 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-16 16:40:02 (GMT) |
| commit | de4ced54eb08e8630e3b6c13436d4ecc3fb14708 (patch) | |
| tree | faade82d2a27d1b084ef435fe15de3c9208a7090 | |
| parent | 31a2543c80e1e38c97e50533249d9aa00e2f6cae (diff) | |
| download | cpython-de4ced54eb08e8630e3b6c13436d4ecc3fb14708.zip cpython-de4ced54eb08e8630e3b6c13436d4ecc3fb14708.tar.gz cpython-de4ced54eb08e8630e3b6c13436d4ecc3fb14708.tar.bz2 | |
gh-114096: Restore privileges in _winapi.CreateJunction after creating the junction (GH-114089)
This avoids impact on later parts of the application which may be able to do things they otherwise shouldn't.
| -rw-r--r-- | Misc/NEWS.d/next/Windows/2024-01-15-23-53-25.gh-issue-114096.G-Myja.rst | 3 | ||||
| -rw-r--r-- | Modules/_winapi.c | 28 |
2 files changed, 24 insertions, 7 deletions
diff --git a/Misc/NEWS.d/next/Windows/2024-01-15-23-53-25.gh-issue-114096.G-Myja.rst b/Misc/NEWS.d/next/Windows/2024-01-15-23-53-25.gh-issue-114096.G-Myja.rst new file mode 100644 index 0000000..f28fc04 --- /dev/null +++ b/Misc/NEWS.d/next/Windows/2024-01-15-23-53-25.gh-issue-114096.G-Myja.rst @@ -0,0 +1,3 @@ +Process privileges that are activated for creating directory junctions are +now restored afterwards, avoiding behaviour changes in other parts of the +program. diff --git a/Modules/_winapi.c b/Modules/_winapi.c index a26850e..26302b5 100644 --- a/Modules/_winapi.c +++ b/Modules/_winapi.c @@ -532,7 +532,12 @@ _winapi_CreateJunction_impl(PyObject *module, LPCWSTR src_path, { /* Privilege adjustment */ HANDLE token = NULL; - TOKEN_PRIVILEGES tp; + struct { + TOKEN_PRIVILEGES base; + /* overallocate by a few array elements */ + LUID_AND_ATTRIBUTES privs[4]; + } tp, previousTp; + int previousTpSize = 0; /* Reparse data buffer */ const USHORT prefix_len = 4; @@ -556,17 +561,21 @@ _winapi_CreateJunction_impl(PyObject *module, LPCWSTR src_path, /* Adjust privileges to allow rewriting directory entry as a junction point. */ - if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &token)) + if (!OpenProcessToken(GetCurrentProcess(), + TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &token)) { goto cleanup; + } - if (!LookupPrivilegeValue(NULL, SE_RESTORE_NAME, &tp.Privileges[0].Luid)) + if (!LookupPrivilegeValue(NULL, SE_RESTORE_NAME, &tp.base.Privileges[0].Luid)) { goto cleanup; + } - tp.PrivilegeCount = 1; - tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; - if (!AdjustTokenPrivileges(token, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), - NULL, NULL)) + tp.base.PrivilegeCount = 1; + tp.base.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; + if (!AdjustTokenPrivileges(token, FALSE, &tp.base, sizeof(previousTp), + &previousTp.base, &previousTpSize)) { goto cleanup; + } if (GetFileAttributesW(src_path) == INVALID_FILE_ATTRIBUTES) goto cleanup; @@ -647,6 +656,11 @@ _winapi_CreateJunction_impl(PyObject *module, LPCWSTR src_path, cleanup: ret = GetLastError(); + if (previousTpSize) { + AdjustTokenPrivileges(token, FALSE, &previousTp.base, previousTpSize, + NULL, NULL); + } + if (token != NULL) CloseHandle(token); if (junction != NULL) |