p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

island: Remove FILE_SHARE_WRITE from windows permissions 

Granting FILE_SHARE_WRITE on mongo_key.bin is unnecessary. Since
mongo_key.bin is the only file that is created using
_get_file_descriptor_for_new_secure_file_windows() at the moment, we
won't grant FILE_SHARE_WRITE.
This commit is contained in:
Mike Salvatore 2021-06-21 13:43:20 -04:00
parent 2d18a68787
commit 02ed22bab7
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
monkey/monkey_island/cc/server_utils/file_utils.py
View File

@ -85,7 +85,12 @@ def _get_file_descriptor_for_new_secure_file_linux(path: str) -> int:
def _get_file_descriptor_for_new_secure_file_windows(path: str) -> int: def _get_file_descriptor_for_new_secure_file_windows(path: str) -> int:
try: try:
file_access = win32file.GENERIC_READ | win32file.GENERIC_WRITE file_access = win32file.GENERIC_READ | win32file.GENERIC_WRITE
file_sharing = win32file.FILE_SHARE_READ | win32file.FILE_SHARE_WRITE
# Enables other processes to open this file with read-only access.
# Attempts by other processes to open the file for writing while this
# process still holds it open will fail.
file_sharing = win32file.FILE_SHARE_READ
security_attributes = win32security.SECURITY_ATTRIBUTES() security_attributes = win32security.SECURITY_ATTRIBUTES()
security_attributes.SECURITY_DESCRIPTOR = ( security_attributes.SECURITY_DESCRIPTOR = (
windows_permissions.get_security_descriptor_for_owner_only_perms() windows_permissions.get_security_descriptor_for_owner_only_perms()