- Request only the access rights that are actually required in openTcpFile. Fixes many should-be access denied errors originating from netshell. While this doesn't fix the root cause of CORE-9172, it is a required step if we ever want netshell to work for non-Admin users.
CORE-9172
svn path=/trunk/; revision=66300
ZeroMemory(Ptr, RemainingSize);
/* open the tcpip driver */
- Status = openTcpFile(&TcpFile);
+ Status = openTcpFile(&TcpFile, FILE_READ_DATA);
if (!NT_SUCCESS(Status))
{
ERR("Could not open handle to tcpip.sys. Status %08x\n", Status);
NTSTATUS status;
int i;
- status = openTcpFile( &tcpFile );
+ status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( !NT_SUCCESS(status) ) {
WARN("getNumInterfaces: failed %08x\n", status );
IFInfo ifInfo;
HANDLE tcpFile;
char *interfaceName = 0, *adapter_name = 0;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) {
status = getInterfaceInfoByIndex( tcpFile, index, &ifInfo );
{
IFInfo ifInfo;
HANDLE tcpFile;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) {
status = getInterfaceInfoByName( tcpFile, (char *)name, &ifInfo );
IFInfo *ifInfo;
InterfaceIndexTable *ret = 0;
HANDLE tcpFile;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) {
status = getInterfaceInfoSet( tcpFile, &ifInfo, &numInterfaces );
NTSTATUS status = STATUS_SUCCESS;
DWORD addrOut = INADDR_ANY;
- status = openTcpFile( &tcpFile );
+ status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) {
status = getIPAddrEntryForIf( tcpFile, name, index, &ifInfo );
{
HANDLE tcpFile;
IFInfo info;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) {
status = getInterfaceInfoByName( tcpFile, (char *)name, &info );
{
HANDLE tcpFile;
IFInfo info;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) {
status = getInterfaceInfoByIndex( tcpFile, index, &info );
{
HANDLE tcpFile;
IFInfo info;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
TRACE("Called.\n");
{
HANDLE tcpFile;
IFInfo info;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
TRACE("Called.\n");
PULONG NteContext, PULONG NteInstance )
{
HANDLE tcpFile;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA );
IP_SET_DATA Data;
IO_STATUS_BLOCK Iosb;
NTSTATUS deleteIpAddress( ULONG NteContext )
{
HANDLE tcpFile;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA );
IO_STATUS_BLOCK Iosb;
TRACE("Called.\n");
if (!pArpEntry)
return ERROR_INVALID_PARAMETER;
- if (!NT_SUCCESS(openTcpFile( &tcpFile )))
+ if (!NT_SUCCESS(openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA )))
return ERROR_NOT_SUPPORTED;
if (!NT_SUCCESS(getNthIpEntity( tcpFile, pArpEntry->dwIndex, &id )))
if (!indexTable)
return ERROR_NOT_ENOUGH_MEMORY;
- ret = openTcpFile(&tcpFile);
+ ret = openTcpFile(&tcpFile, FILE_READ_DATA);
if (!NT_SUCCESS(ret))
return ERROR_NO_DATA;
TRACE("called.\n");
- status = openTcpFile( &tcpFile );
+ status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( !NT_SUCCESS(status) ) {
TRACE("failure: %08x\n", (int)status );
DWORD numRoutes = getNumRoutes(), routesAdded = 0;
TDIEntityID ent;
HANDLE tcpFile;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
int i;
if( !NT_SUCCESS(status) )
TRACE("called.\n");
- status = openTcpFile( &tcpFile );
+ status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( !NT_SUCCESS(status) ) {
TRACE("failure: %08x\n", (int)status );
totalNumber = getNumArpEntries();
- status = openTcpFile( &tcpFile );
+ status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( !NT_SUCCESS(status) ) {
TRACE("failure: %08x\n", (int)status );
DWORD createIpForwardEntry( PMIB_IPFORWARDROW pRoute ) {
HANDLE tcpFile;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA );
TCP_REQUEST_SET_INFORMATION_EX_ROUTE_ENTRY req =
TCP_REQUEST_SET_INFORMATION_INIT;
IPRouteEntry *rte;
DWORD deleteIpForwardEntry( PMIB_IPFORWARDROW pRoute ) {
HANDLE tcpFile;
- NTSTATUS status = openTcpFile( &tcpFile );
+ NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA );
TCP_REQUEST_SET_INFORMATION_EX_ROUTE_ENTRY req =
TCP_REQUEST_SET_INFORMATION_INIT;
IPRouteEntry *rte;
HANDLE TcpCC;
DWORD BytesReturned;
- if (openTcpFile(&TcpCC) != STATUS_SUCCESS)
+ if (openTcpFile(&TcpCC, FILE_READ_DATA | FILE_WRITE_DATA) != STATUS_SUCCESS)
return WSAEINVAL;
Status = DeviceIoControl(TcpCC,
case WSH_NOTIFY_BIND:
DPRINT("WSHNotify: WSH_NOTIFY_BIND\n");
- Status = openTcpFile(&TcpCC);
+ Status = openTcpFile(&TcpCC, FILE_READ_DATA);
if (Status != STATUS_SUCCESS)
return WSAEINVAL;
DWORD toiType,
DWORD toiId,
DWORD teiEntity,
- DWORD teiInstance,
+ DWORD teiInstance,
DWORD fixedPart,
DWORD entrySize,
PVOID *tdiEntitySet,
INFO_TYPE_PROVIDER,
ENTITY_LIST_ID,
GENERIC_ENTITY,
- 0,
+ 0,
0,
sizeof(TDIEntityID),
(PVOID *)entitySet,
const PWCHAR TcpFileName = L"\\Device\\Tcp";
-NTSTATUS openTcpFile(PHANDLE tcpFile)
+NTSTATUS openTcpFile(PHANDLE tcpFile, ACCESS_MASK DesiredAccess)
{
UNICODE_STRING fileName;
OBJECT_ATTRIBUTES objectAttributes;
NULL,
NULL );
- status = ZwCreateFile( tcpFile,
- SYNCHRONIZE | GENERIC_EXECUTE |
- GENERIC_READ | GENERIC_WRITE,
- &objectAttributes,
- &ioStatusBlock,
- NULL,
- FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ | FILE_SHARE_WRITE,
- FILE_OPEN_IF,
- FILE_SYNCHRONOUS_IO_NONALERT,
- 0,
- 0 );
+ status = NtOpenFile( tcpFile,
+ DesiredAccess | SYNCHRONIZE,
+ &objectAttributes,
+ &ioStatusBlock,
+ FILE_SHARE_READ | FILE_SHARE_WRITE,
+ FILE_SYNCHRONOUS_IO_NONALERT);
/* String does not need to be freed: it points to the constant
* string we provided */
#pragma once
-NTSTATUS openTcpFile(PHANDLE tcpFile);
+NTSTATUS openTcpFile(PHANDLE tcpFile, ACCESS_MASK DesiredAccess);
VOID closeTcpFile(HANDLE tcpFile);
NTSTATUS tdiGetEntityIDSet( HANDLE tcpFile, TDIEntityID **entitySet,
PDWORD numEntities );