[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r19352: {torvm} Make sure we create the restricted user account with the nam (torvm/trunk/build/win32/src/torvm-w32)

To: or-cvs@xxxxxxxxxxxxx
Subject: [or-cvs] r19352: {torvm} Make sure we create the restricted user account with the nam (torvm/trunk/build/win32/src/torvm-w32)
From: coderman@xxxxxxxx
Date: Mon, 20 Apr 2009 04:47:54 -0400 (EDT)
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-cvs-outgoing@xxxxxxxx
Delivered-to: or-cvs@xxxxxxxx
Delivery-date: Mon, 20 Apr 2009 04:47:56 -0400
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-cvs@xxxxxxxxxxxxx

Author: coderman
Date: 2009-04-20 04:47:54 -0400 (Mon, 20 Apr 2009)
New Revision: 19352

Modified:
   torvm/trunk/build/win32/src/torvm-w32/creds.c
Log:
Make sure we create the restricted user account with the name requested rather than assuming it will be Tor :)

Modified: torvm/trunk/build/win32/src/torvm-w32/creds.c
===================================================================
--- torvm/trunk/build/win32/src/torvm-w32/creds.c	2009-04-20 08:42:00 UTC (rev 19351)
+++ torvm/trunk/build/win32/src/torvm-w32/creds.c	2009-04-20 08:47:54 UTC (rev 19352)
@@ -660,7 +660,7 @@
   ULONG prevaccess;
   NTSTATUS  ntstatus;
   SID *acctsid = NULL;
-  DWORD sidsz = 1024;
+  DWORD sidsz = CMDMAX;
   DWORD domainsz = 0;
   PROFILEINFO pi;
   LSA_OBJECT_ATTRIBUTES  policyattrs;
@@ -670,6 +670,8 @@
   LUID_AND_ATTRIBUTES luidattr;
   LSA_UNICODE_STRING lsaprivname;
   LPSTR errmsg;
+  LPSTR cmd = NULL;
+  cmd = malloc(CMDMAX);
 
   *info = NULL;
   *info = malloc(sizeof(userinfo));
@@ -688,12 +690,13 @@
       s_advapi->LookupAccountName &&
       s_advapi->LsaAddAccountRights) {
     ldebug("Creating restricted user account: %s\\%s", hostname, username);
-    runcommand("net.exe user Tor  \"\" /add",NULL);
-    runcommand("net.exe localgroup Users Tor /add",NULL);
+    snprintf(cmd, CMDMAX -1, "net.exe user %s \"\" /add", (*info)->name);
+    runcommand(cmd,NULL);
+    snprintf(cmd, CMDMAX -1, "net.exe localgroup Users %s /add", (*info)->name);
+    runcommand(cmd,NULL);
     /* just to be sure in case someone did something stupid with local or domain policy ... */
-    runcommand("net.exe localgroup Administrators Tor /delete",NULL);
-    /* this may need to be removed... */
-    runcommand("net.exe accounts /maxpwage:unlimited",NULL);
+    snprintf(cmd, CMDMAX -1, "net.exe localgroup Administrators %s /delete", (*info)->name);
+    runcommand(cmd,NULL);
 
     ntstatus = s_advapi->LsaOpenPolicy(&lsahostname,
                                        &policyattrs,
@@ -808,6 +811,9 @@
     ldebug("Failed to load all required advapi32 symbols in create restricted user.");
   }
 
+  free(cmd);
+  cmd = NULL;
+
   return (retval);
 }
 
@@ -834,8 +840,8 @@
     lerror ("Unable to build path for profile image in lib dir.");
     return FALSE;
   }
-  relpath = malloc(1024);
-  snprintf(relpath, 1023, "Application Data\\Microsoft\\User Account Pictures\\%s.bmp", info->name);
+  relpath = malloc(CMDMAX);
+  snprintf(relpath, CMDMAX -1, "Application Data\\Microsoft\\User Account Pictures\\%s.bmp", info->name);
   if (!buildsyspath(SYSDIR_ALLPROFILE, relpath, &imgdest)) {
     lerror ("Unable to build path for all users profile destination.");
     free(imgsrc);

Prev by Author: [or-cvs] r19351: {torvm} Remove restricted user setup from TODO. (torvm/trunk)
Next by Author: [or-cvs] r19353: {torvm} It would be useful to have the restricted user icon to copy (torvm/trunk/build/win32/files)
Previous by thread: [or-cvs] r19351: {torvm} Remove restricted user setup from TODO. (torvm/trunk)
Next by thread: [or-cvs] r19353: {torvm} It would be useful to have the restricted user icon to copy (torvm/trunk/build/win32/files)
Index(es):
- Author
- Thread