From 7015e6174c7f6227fcfa974d6561a84a463301c4 Mon Sep 17 00:00:00 2001
From: midipix <writeonce@midipix.org>
Date: Jun 20 2020 16:50:09 +0000
Subject: daemon: assign explicit permissions to the daemon's lpc port.


---

diff --git a/src/daemon/toks_daemon_init.c b/src/daemon/toks_daemon_init.c
index 162cb5a..8eba01c 100644
--- a/src/daemon/toks_daemon_init.c
+++ b/src/daemon/toks_daemon_init.c
@@ -22,6 +22,7 @@ static int32_t toks_daemon_init_impl(
 	wchar16_t *			port_name;
 	nt_port_name_keys *		port_name_keys;
 	void *				hsvclink;
+	nt_sd_common_buffer		sd;
 
 	/* daemon attributes */
 	dctx->daemon_attr.type    = NT_PORT_TYPE_DAEMON;
@@ -41,6 +42,19 @@ static int32_t toks_daemon_init_impl(
 		&dctx->daemon_name,
 		&dctx->daemon_attr);
 
+	/* daemon sd */
+	ntapi->acl_init_common_descriptor(
+		&sd,0,0,0,0,
+		NT_PORT_ALL_ACCESS | NT_SEC_STANDARD_RIGHTS_ALL,
+		NT_PORT_CONNECT | NT_SEC_READ_CONTROL,
+		NT_PORT_CONNECT | NT_SEC_READ_CONTROL,
+		NT_PORT_ALL_ACCESS | NT_SEC_STANDARD_RIGHTS_ALL,
+		NT_PORT_ALL_ACCESS | NT_SEC_STANDARD_RIGHTS_ALL,
+		0);
+
+	ntapi->tt_aligned_block_memlock(
+		&sd,sizeof(sd));
+
 	/* dparams */
 	ntapi->tt_aligned_block_memset(
 		&dparams,0,sizeof(dparams));
@@ -51,6 +65,7 @@ static int32_t toks_daemon_init_impl(
 	dparams.port_keys	= &dctx->daemon_keys;
 	dparams.port_name	= port_name;
 	dparams.port_name_keys	= port_name_keys;
+	dparams.port_sd		= &sd.sd;
 
 	dparams.port_msg_size	= sizeof(nt_tty_port_msg);
 	dparams.flags		= NT_DSR_INIT_DEFAULT;