win32security.c File Reference

#include "postgres.h"

Include dependency graph for win32security.c:

Go to the source code of this file.

Functions
static	pg_attribute_printf (1, 2)
int	pgwin32_is_admin (void)
int	pgwin32_is_service (void)

Function Documentation

pg_attribute_printf()

static pg_attribute_printf ( 1  , 2    )

static

Definition at line 26 of file win32security.c.

References fprintf, and write_stderr.

{
    va_list     ap;

    va_start(ap, fmt);
#ifndef FRONTEND
    write_stderr(fmt, ap);
#else
    fprintf(stderr, fmt, ap);
#endif
    va_end(ap);
}

pgwin32_is_admin()

int pgwin32_is_admin

(

void

)

Definition at line 49 of file win32security.c.

References _, and log_error.

Referenced by check_root().

{
    PSID        AdministratorsSid;
    PSID        PowerUsersSid;
    SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
    BOOL        IsAdministrators;
    BOOL        IsPowerUsers;

    if (!AllocateAndInitializeSid(&NtAuthority, 2,
                                  SECURITY_BUILTIN_DOMAIN_RID,
                                  DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0,
                                  0, &AdministratorsSid))
    {
        log_error(_("could not get SID for Administrators group: error code %lu\n"),
                  GetLastError());
        exit(1);
    }

    if (!AllocateAndInitializeSid(&NtAuthority, 2,
                                  SECURITY_BUILTIN_DOMAIN_RID,
                                  DOMAIN_ALIAS_RID_POWER_USERS, 0, 0, 0, 0, 0,
                                  0, &PowerUsersSid))
    {
        log_error(_("could not get SID for PowerUsers group: error code %lu\n"),
                  GetLastError());
        exit(1);
    }

    if (!CheckTokenMembership(NULL, AdministratorsSid, &IsAdministrators) ||
        !CheckTokenMembership(NULL, PowerUsersSid, &IsPowerUsers))
    {
        log_error(_("could not check access token membership: error code %lu\n"),
                  GetLastError());
        exit(1);
    }

    FreeSid(AdministratorsSid);
    FreeSid(PowerUsersSid);

    if (IsAdministrators || IsPowerUsers)
        return 1;
    else
        return 0;
}

pgwin32_is_service()

int pgwin32_is_service

(

void

)

Definition at line 120 of file win32security.c.

References fprintf.

Referenced by send_message_to_server_log(), and write_stderr().

{
    static int  _is_service = -1;
    BOOL        IsMember;
    PSID        ServiceSid;
    PSID        LocalSystemSid;
    SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
    HANDLE      stderr_handle;

    /* Only check the first time */
    if (_is_service != -1)
        return _is_service;

    /* Check if standard error is not valid */
    stderr_handle = GetStdHandle(STD_ERROR_HANDLE);
    if (stderr_handle != INVALID_HANDLE_VALUE && stderr_handle != NULL)
    {
        _is_service = 0;
        return _is_service;
    }

    /* Check if running as LocalSystem */
    if (!AllocateAndInitializeSid(&NtAuthority, 1,
                                  SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0,
                                  &LocalSystemSid))
    {
        fprintf(stderr, "could not get SID for local system account\n");
        return -1;
    }

    if (!CheckTokenMembership(NULL, LocalSystemSid, &IsMember))
    {
        fprintf(stderr, "could not check access token membership: error code %lu\n",
                GetLastError());
        FreeSid(LocalSystemSid);
        return -1;
    }
    FreeSid(LocalSystemSid);

    if (IsMember)
    {
        _is_service = 1;
        return _is_service;
    }

    /* Check for service group membership */
    if (!AllocateAndInitializeSid(&NtAuthority, 1,
                                  SECURITY_SERVICE_RID, 0, 0, 0, 0, 0, 0, 0,
                                  &ServiceSid))
    {
        fprintf(stderr, "could not get SID for service group: error code %lu\n",
                GetLastError());
        return -1;
    }

    if (!CheckTokenMembership(NULL, ServiceSid, &IsMember))
    {
        fprintf(stderr, "could not check access token membership: error code %lu\n",
                GetLastError());
        FreeSid(ServiceSid);
        return -1;
    }
    FreeSid(ServiceSid);

    if (IsMember)
        _is_service = 1;
    else
        _is_service = 0;

    return _is_service;
}