diff options
author | Dan Bjorge <dbjorge@gmail.com> | 2015-04-23 00:24:24 -0700 |
---|---|---|
committer | Dan Bjorge <dbjorge@gmail.com> | 2015-04-23 00:24:24 -0700 |
commit | 6f42327a590025e078de9cdfd3191f14a0980776 (patch) | |
tree | c1b8c0d416e7d3a5a84e0b6f1ec5981d66f4f93c /lib/chef/win32/security | |
parent | 44d70ba0f1b38bc3e1170ae978ad5e9a11679df3 (diff) | |
download | chef-6f42327a590025e078de9cdfd3191f14a0980776.tar.gz |
securable_resource functional specs compare default creation permissions against actual defaults on Windows
Diffstat (limited to 'lib/chef/win32/security')
-rw-r--r-- | lib/chef/win32/security/sid.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/lib/chef/win32/security/sid.rb b/lib/chef/win32/security/sid.rb index 8e9407dc80..7f461fd766 100644 --- a/lib/chef/win32/security/sid.rb +++ b/lib/chef/win32/security/sid.rb @@ -203,6 +203,22 @@ class Chef SID.from_account("#{::ENV['USERDOMAIN']}\\#{::ENV['USERNAME']}") end + # See https://technet.microsoft.com/en-us/library/cc961992.aspx + # In practice, this is SID.Administrators if the current_user is an admin (even if not + # running elevated), and is current_user otherwise. On win2k3, it technically can be + # current_user in all cases if a certain group policy is set. + def self.default_security_object_owner + token = Chef::ReservedNames::Win32::Security.open_current_process_token + Chef::ReservedNames::Win32::Security.get_token_information_owner(token) + end + + # See https://technet.microsoft.com/en-us/library/cc961996.aspx + # In practice, this is generally the same as current_user + def self.default_security_object_group + token = Chef::ReservedNames::Win32::Security.open_current_process_token + Chef::ReservedNames::Win32::Security.get_token_information_primary_group(token) + end + def self.admin_account_name @admin_account_name ||= begin admin_account_name = nil |