From 283db0a99e665e3d1a0f64f449729e42a971483a Mon Sep 17 00:00:00 2001 From: szaka Date: Sat, 7 Jan 2006 08:31:09 +0000 Subject: [PATCH] Don't create SDS entries which aren't needed --- ntfsprogs/mkntfs.c | 2 +- ntfsprogs/sd.c | 266 --------------------------------------------- 2 files changed, 1 insertion(+), 267 deletions(-) diff --git a/ntfsprogs/mkntfs.c b/ntfsprogs/mkntfs.c index c0040f2c..b4ac7707 100644 --- a/ntfsprogs/mkntfs.c +++ b/ntfsprogs/mkntfs.c @@ -4710,7 +4710,7 @@ static BOOL mkntfs_create_root_structures(void) return FALSE; init_secure_30(buf_sds_init); } else { - buf_sds_first_size = 0x240; + buf_sds_first_size = 0xFC; buf_sds_size = 0x40000 + buf_sds_first_size; buf_sds_init = ntfs_calloc(1, buf_sds_first_size); if (!buf_sds_init) diff --git a/ntfsprogs/sd.c b/ntfsprogs/sd.c index a9c5f82f..26c69aab 100644 --- a/ntfsprogs/sd.c +++ b/ntfsprogs/sd.c @@ -1025,272 +1025,6 @@ void init_secure_31(char *sd_val) sid->sub_authority[1] = cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); -/* - * security descriptor #3 - */ - //header - sds = (SECURITY_DESCRIPTOR_HEADER*)((char*)sd_val + 0x80 + 0x80); - sds->hash = cpu_to_le32(0x0A9F9B62); - sds->security_id = cpu_to_le32(0x0102); - sds->offset = cpu_to_le64(0x0100); - sds->length = cpu_to_le32(0x60); - - //security descriptor relative - sd = (SECURITY_DESCRIPTOR_RELATIVE*)((char*)sds + - sizeof(SECURITY_DESCRIPTOR_HEADER)); - sd->revision = 0x01; - sd->alignment = 0x00; - sd->control = SE_SELF_RELATIVE | SE_DACL_PRESENT; - sd->owner = cpu_to_le32(0x30); - sd->group = cpu_to_le32(0x40); - sd->sacl = cpu_to_le32(0x00); - sd->dacl = cpu_to_le32(0x14); - - //acl - acl = (ACL*)((char*)sd + sizeof(SECURITY_DESCRIPTOR_RELATIVE)); - acl->revision = 0x02; - acl->alignment1 = 0x00; - acl->size = cpu_to_le16(0x1C); - acl->ace_count = cpu_to_le16(0x01); - acl->alignment2 = 0x00; - - //ace1 - ace = (ACCESS_ALLOWED_ACE*)((char*)acl + sizeof(ACL)); - ace->type = 0x00; - ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE; - ace->size = cpu_to_le16(0x14); - ace->mask = STANDARD_RIGHTS_ALL | FILE_WRITE_ATTRIBUTES | - FILE_LIST_DIRECTORY | FILE_WRITE_DATA | - FILE_ADD_SUBDIRECTORY | FILE_READ_EA | FILE_WRITE_EA | - FILE_TRAVERSE | FILE_DELETE_CHILD | - FILE_READ_ATTRIBUTES; - ace->sid.revision = 0x01; - ace->sid.sub_authority_count = 0x01; - /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ - ace->sid.identifier_authority.value[0] = 0; - ace->sid.identifier_authority.value[1] = 0; - ace->sid.identifier_authority.value[2] = 0; - ace->sid.identifier_authority.value[3] = 0; - ace->sid.identifier_authority.value[4] = 0; - ace->sid.identifier_authority.value[5] = 5; - ace->sid.sub_authority[0] = - cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); - - //owner sid - sid = (SID*)((char*)sd + le32_to_cpu(sd->owner)); - sid->revision = 0x01; - sid->sub_authority_count = 0x02; - /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ - sid->identifier_authority.value[0] = 0; - sid->identifier_authority.value[1] = 0; - sid->identifier_authority.value[2] = 0; - sid->identifier_authority.value[3] = 0; - sid->identifier_authority.value[4] = 0; - sid->identifier_authority.value[5] = 5; - sid->sub_authority[0] = - cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); - sid->sub_authority[1] = - cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); - - //group sid - sid = (SID*)((char*)sd + le32_to_cpu(sd->group)); - sid->revision = 0x01; - sid->sub_authority_count = 0x01; - /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ - sid->identifier_authority.value[0] = 0; - sid->identifier_authority.value[1] = 0; - sid->identifier_authority.value[2] = 0; - sid->identifier_authority.value[3] = 0; - sid->identifier_authority.value[4] = 0; - sid->identifier_authority.value[5] = 5; - sid->sub_authority[0] = - cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); - -/* - * security descriptor #4 - */ - //header - sds = (SECURITY_DESCRIPTOR_HEADER*)((char*)sd_val + 0x80 + 0x80 + 0x60); - sds->hash = cpu_to_le32(0x0A9F9562); - sds->security_id = cpu_to_le32(0x0103); - sds->offset = cpu_to_le64(0x0160); - sds->length = cpu_to_le32(0x60); - - //security descriptor relative - sd = (SECURITY_DESCRIPTOR_RELATIVE*)((char*)sds + - sizeof(SECURITY_DESCRIPTOR_HEADER)); - sd->revision = 0x01; - sd->alignment = 0x00; - sd->control = SE_SELF_RELATIVE | SE_DACL_PRESENT; - sd->owner = cpu_to_le32(0x30); - sd->group = cpu_to_le32(0x40); - sd->sacl = cpu_to_le32(0x00); - sd->dacl = cpu_to_le32(0x14); - - //acl - acl = (ACL*)((char*)sd + sizeof(SECURITY_DESCRIPTOR_RELATIVE)); - acl->revision = 0x02; - acl->alignment1 = 0x00; - acl->size = cpu_to_le16(0x1C); - acl->ace_count = cpu_to_le16(0x01); - acl->alignment2 = 0x00; - - //ace1 - ace = (ACCESS_ALLOWED_ACE*)((char*)acl + sizeof(ACL)); - ace->type = 0x00; - ace->flags = 0x00; - ace->size = cpu_to_le16(0x14); - ace->mask = STANDARD_RIGHTS_ALL | FILE_WRITE_ATTRIBUTES | - FILE_LIST_DIRECTORY | FILE_WRITE_DATA | - FILE_ADD_SUBDIRECTORY | FILE_READ_EA | FILE_WRITE_EA | - FILE_TRAVERSE | FILE_DELETE_CHILD | - FILE_READ_ATTRIBUTES; - ace->sid.revision = 0x01; - ace->sid.sub_authority_count = 0x01; - // SECURITY_NT_SID_AUTHORITY (S-1-5) - ace->sid.identifier_authority.value[0] = 0; - ace->sid.identifier_authority.value[1] = 0; - ace->sid.identifier_authority.value[2] = 0; - ace->sid.identifier_authority.value[3] = 0; - ace->sid.identifier_authority.value[4] = 0; - ace->sid.identifier_authority.value[5] = 5; - ace->sid.sub_authority[0] = - cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); - - //owner sid - sid = (SID*)((char*)sd + le32_to_cpu(sd->owner)); - sid->revision = 0x01; - sid->sub_authority_count = 0x02; - // SECURITY_NT_SID_AUTHORITY (S-1-5) - sid->identifier_authority.value[0] = 0; - sid->identifier_authority.value[1] = 0; - sid->identifier_authority.value[2] = 0; - sid->identifier_authority.value[3] = 0; - sid->identifier_authority.value[4] = 0; - sid->identifier_authority.value[5] = 5; - sid->sub_authority[0] = - cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); - sid->sub_authority[1] = - cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); - //group sid - sid = (SID*)((char*)sd + le32_to_cpu(sd->group)); - sid->revision = 0x01; - sid->sub_authority_count = 0x01; - // SECURITY_NT_SID_AUTHORITY (S-1-5) - sid->identifier_authority.value[0] = 0; - sid->identifier_authority.value[1] = 0; - sid->identifier_authority.value[2] = 0; - sid->identifier_authority.value[3] = 0; - sid->identifier_authority.value[4] = 0; - sid->identifier_authority.value[5] = 5; - sid->sub_authority[0] = - cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); - -/* - * security descriptor #5 - */ - //header - sds = (SECURITY_DESCRIPTOR_HEADER*)((char*)sd_val + 0x80 + 0x80 + - 0x60 + 0x60); - sds->hash = cpu_to_le32(0x453F0A2E); - sds->security_id = cpu_to_le32(0x0104); - sds->offset = cpu_to_le64(0x01C0); - sds->length = cpu_to_le32(0x78); - - //security descriptor relative - sd = (SECURITY_DESCRIPTOR_RELATIVE*)((char*)sds + - sizeof(SECURITY_DESCRIPTOR_HEADER)); - sd->revision = 0x01; - sd->alignment = 0x00; - sd->control = SE_SELF_RELATIVE | SE_DACL_PRESENT; - sd->owner = cpu_to_le32(0x48); - sd->group = cpu_to_le32(0x58); - sd->sacl = cpu_to_le32(0x00); - sd->dacl = cpu_to_le32(0x14); - - //acl - acl = (ACL*)((char*)sd + sizeof(SECURITY_DESCRIPTOR_RELATIVE)); - acl->revision = 0x02; - acl->alignment1 = 0x00; - acl->size = cpu_to_le16(0x34); - acl->ace_count = cpu_to_le16(0x02); - acl->alignment2 = 0x00; - - //ace1 - ace = (ACCESS_ALLOWED_ACE*)((char*)acl + sizeof(ACL)); - ace->type = 0x00; - ace->flags = 0x00; - ace->size = cpu_to_le16(0x18); - ace->mask = STANDARD_RIGHTS_ALL | FILE_WRITE_ATTRIBUTES | - FILE_LIST_DIRECTORY | FILE_WRITE_DATA | - FILE_ADD_SUBDIRECTORY | FILE_READ_EA | FILE_WRITE_EA | - FILE_TRAVERSE | FILE_DELETE_CHILD | - FILE_READ_ATTRIBUTES; - ace->sid.revision = 0x01; - ace->sid.sub_authority_count = 0x02; - // SECURITY_NT_SID_AUTHORITY (S-1-5) - ace->sid.identifier_authority.value[0] = 0; - ace->sid.identifier_authority.value[1] = 0; - ace->sid.identifier_authority.value[2] = 0; - ace->sid.identifier_authority.value[3] = 0; - ace->sid.identifier_authority.value[4] = 0; - ace->sid.identifier_authority.value[5] = 5; - ace->sid.sub_authority[0] = - cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); - ace->sid.sub_authority[1] = - cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); - //ace2 - ace = (ACCESS_ALLOWED_ACE*)((char*)ace + ace->size); - ace->type = 0x00; - ace->flags = 0x00; - ace->size = cpu_to_le16(0x14); - ace->mask = STANDARD_RIGHTS_ALL | FILE_WRITE_ATTRIBUTES | - FILE_LIST_DIRECTORY | FILE_WRITE_DATA | - FILE_ADD_SUBDIRECTORY | FILE_READ_EA | FILE_WRITE_EA | - FILE_TRAVERSE | FILE_DELETE_CHILD | - FILE_READ_ATTRIBUTES; - ace->sid.revision = 0x01; - ace->sid.sub_authority_count = 0x01; - /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ - ace->sid.identifier_authority.value[0] = 0; - ace->sid.identifier_authority.value[1] = 0; - ace->sid.identifier_authority.value[2] = 0; - ace->sid.identifier_authority.value[3] = 0; - ace->sid.identifier_authority.value[4] = 0; - ace->sid.identifier_authority.value[5] = 5; - ace->sid.sub_authority[0] = - cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); - - //owner sid - sid = (SID*)((char*)sd + le32_to_cpu(sd->owner)); - sid->revision = 0x01; - sid->sub_authority_count = 0x02; - // SECURITY_NT_SID_AUTHORITY (S-1-5) - sid->identifier_authority.value[0] = 0; - sid->identifier_authority.value[1] = 0; - sid->identifier_authority.value[2] = 0; - sid->identifier_authority.value[3] = 0; - sid->identifier_authority.value[4] = 0; - sid->identifier_authority.value[5] = 5; - sid->sub_authority[0] = - cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); - sid->sub_authority[1] = - cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); - - //group sid - sid = (SID*)((char*)sd + le32_to_cpu(sd->group)); - sid->revision = 0x01; - sid->sub_authority_count = 0x01; - // SECURITY_NT_SID_AUTHORITY (S-1-5) - sid->identifier_authority.value[0] = 0; - sid->identifier_authority.value[1] = 0; - sid->identifier_authority.value[2] = 0; - sid->identifier_authority.value[3] = 0; - sid->identifier_authority.value[4] = 0; - sid->identifier_authority.value[5] = 5; - sid->sub_authority[0] = - cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); - return; }