ntsec: patch 9

[Corinna Vinschen <corinna@vinschen.de>]

Hi!

I have patched security once again. The worst thing was a free() on
stack memory (Puh!).

ChangeLog:
==========

Thu Aug 4 10:28:00  Corinna Vinschen  <corinna@vinschen.de>

	* security.cc: Erased MALLOC_CHECK calls.
	(lookup_name): New function simplifies the retrieval of user
	and group names.
	(alloc_sd): Calls `lookup_name' instead of `LookupAccountName'.
	`system' gets no special permissions to files anymore.
	`administrators' only get restricted permissions instead of
	full access.
	ACEs are generated only if the permissions are != 0 for that
	user/group/other.
	* shared.cc (sec_user): Calls `lookup_name' instead of
	`LookupAccountName'.
	'free`-call on stack space eliminated.
	* winsup.h: Declaration for `lookup_name'.
	* doc/ntsec.sgml: Adapted.

The permissions to administrators are restricted to the following:
	read permissions
	take ownership
This behaviour corresponds better to the typical WinNT settings:
No admin should have the right to change my files. Only actions
are allowed where there remains a fingerprint of the `evil-doer'.
A special case is, if I'm logged in as a user with administrators
as primary group. The settings should give more permissions to
the other admins to support better the typical behaviour of NT:
As you know, if one is member of admin group, all her files
are owned by the group instead of by her. This is not the case
with ntsec but the other admins should have easier access to the
administrative files. So in this case the admin group gets the
following permissions:
	read permissions
	write permissions
	write owner
	write ea
also in the case, where group permissions are set to 0.
Caution: The primary group is taken from passwd file (as before).
This is more convenient on workstations outside of domains because
the primary NT group is None (513) for each user, including
administrator (500), too. This can only be changed in NT domains.

Best Regards,
Corinna

ntsec-patch9.bz2