diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-14 09:53:16 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-14 09:53:16 +0200 |
| commit | d882e4bb0ef5ec49891daf669d0593bed84f981f (patch) | |
| tree | 787a083ee501ccd6d37b7a3647ea4a0bc6440b8c | |
| parent | makefile: use CURDIR not PWD for -C operation (diff) | |
| download | wireguard-windows-d882e4bb0ef5ec49891daf669d0593bed84f981f.tar.xz wireguard-windows-d882e4bb0ef5ec49891daf669d0593bed84f981f.zip | |
build: we no longer use security attributes
| -rw-r--r-- | golang-security-attribute-process-creation.patch | 50 |
1 files changed, 0 insertions, 50 deletions
diff --git a/golang-security-attribute-process-creation.patch b/golang-security-attribute-process-creation.patch deleted file mode 100644 index 8c14e3a4..00000000 --- a/golang-security-attribute-process-creation.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 049c8dbfdbdd414359699c215f15764a7aa733b5 Mon Sep 17 00:00:00 2001 -From: Jason A. Donenfeld <Jason@zx2c4.com> -Date: Sat, 27 Apr 2019 11:45:11 +0200 -Subject: [PATCH] syscall: allow setting security attributes on processes - -This allows creating processes that can only be debugged/accessed by -certain tokens, according to a particular security descriptor. We -already had everything ready for this but just neglected to pass through -the value from the user-accessible SysProcAttr. - -Change-Id: I4a3fcc9f5078aa0058b26c103355c984093ae03f -Reviewed-on: https://go-review.googlesource.com/c/go/+/174197 -Run-TryBot: Jason Donenfeld <Jason@zx2c4.com> -TryBot-Result: Gobot Gobot <gobot@golang.org> -Reviewed-by: Alex Brainman <alex.brainman@gmail.com> ---- - -diff --git a/src/syscall/exec_windows.go b/src/syscall/exec_windows.go -index c78bad8..8d6141c 100644 ---- a/src/syscall/exec_windows.go -+++ b/src/syscall/exec_windows.go -@@ -219,10 +219,12 @@ - } - - type SysProcAttr struct { -- HideWindow bool -- CmdLine string // used if non-empty, else the windows command line is built by escaping the arguments passed to StartProcess -- CreationFlags uint32 -- Token Token // if set, runs new process in the security context represented by the token -+ HideWindow bool -+ CmdLine string // used if non-empty, else the windows command line is built by escaping the arguments passed to StartProcess -+ CreationFlags uint32 -+ Token Token // if set, runs new process in the security context represented by the token -+ ProcessAttributes *SecurityAttributes // if set, applies these security attributes as the descriptor for the new process -+ ThreadAttributes *SecurityAttributes // if set, applies these security attributes as the descriptor for the main thread of the new process - } - - var zeroProcAttr ProcAttr -@@ -323,9 +325,9 @@ - - flags := sys.CreationFlags | CREATE_UNICODE_ENVIRONMENT - if sys.Token != 0 { -- err = CreateProcessAsUser(sys.Token, argv0p, argvp, nil, nil, true, flags, createEnvBlock(attr.Env), dirp, si, pi) -+ err = CreateProcessAsUser(sys.Token, argv0p, argvp, sys.ProcessAttributes, sys.ThreadAttributes, true, flags, createEnvBlock(attr.Env), dirp, si, pi) - } else { -- err = CreateProcess(argv0p, argvp, nil, nil, true, flags, createEnvBlock(attr.Env), dirp, si, pi) -+ err = CreateProcess(argv0p, argvp, sys.ProcessAttributes, sys.ThreadAttributes, true, flags, createEnvBlock(attr.Env), dirp, si, pi) - } - if err != nil { - return 0, 0, err |