@@ -41,7 +41,7 @@ static void maybe_unlink_and_free(char *path);
#define LOCAL_PREFIX "\\\\.\\pipe\\"
/* Size of the allowed PSIDs for securing Named Pipe. */
-#define ALLOWED_PSIDS_SIZE 2
+#define ALLOWED_PSIDS_SIZE 3
/* This function has the purpose to remove all the slashes received in s. */
static char *
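Review bot: The comment above ALLOWED_PSIDS_SIZE still only says "Size of the allowed PSIDs", while the new value is now coupled to a hard-coded slot index (`allowedPsid[2]`) in the later hunk of this file; a reader bumping the count again has nothing telling them which slot holds which account. I would extend the comment to `/* Number of SIDs granted access to the pipe: LocalSystem, Administrators and Local Service (fixed slot order in allowedPsid[]). */`, and ideally replace the bare indices with named enum constants so the count and the slots cannot drift apart.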
@@ -438,6 +438,13 @@ create_pnpipe(char *name)
goto handle_error;
}
+ /* Allow Local Service to access the named pipe. */
+ if (!AllocateAndInitializeSid(&sia, 1, SECURITY_LOCAL_SERVICE_RID,
+ 0, 0, 0, 0, 0, 0, 0, &allowedPsid[2])) {
+ VLOG_ERR_RL(&rl, "Error creating Services SID.");
+ goto handle_error;
+ }
+
for (int i = 0; i < ALLOWED_PSIDS_SIZE; i++) {
aclSize += sizeof(ACCESS_ALLOWED_ACE) +
GetLengthSid(allowedPsid[i]) -
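Review bot: The new `goto handle_error` at the third SID allocation leaves `allowedPsid[2]` owned by the cleanup path, but it is not visible in this hunk whether handle_error iterates over all ALLOWED_PSIDS_SIZE entries with FreeSid or only frees the original two; if it is the latter, every subsequent failure in create_pnpipe leaks the Local Service SID, so the cleanup loop should be checked (create_pnpipe's body begins before and continues after this hunk). Because the sizing loop below, and presumably the ACE-adding loop that follows it, treat every entry uniformly, Local Service receives exactly the same access mask as LocalSystem and Administrators; since the commit's motivation is least privilege for services that should not run as System, it is worth confirming that mask is no wider than what a pipe client needs (read/write) and documenting that in a comment on the loop. Finally the log message on the new branch does not name the SID it failed to create; `VLOG_ERR_RL(&rl, "Error creating Local Service SID.");` matches the comment just above it and the intent of the patch.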
The current implementation of ovs on windows only allows LocalSystem and Administrators to access the named pipe created with the ovs API. Thus any service that needs to invoke the API to create a named pipe has to run as the System account to interact with ovs. That makes the system more vulnerable if any of those services is broken into. The patch adds the LocalService account to the allowed ACLs.
Signed-off-by: Ning Wu <nwu@vmware.com>
---
lib/stream-windows.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
--
2.6.2