From 9a95bf181c3cd3fec22c24a6d99129a2fa01bcaa Mon Sep 17 00:00:00 2001
From: midipix <writeonce@midipix.org>
Date: Mar 21 2018 03:27:58 +0000
Subject: sysv msgqueue: open ipc directory with minimally required access.


---

diff --git a/src/msq/ntapi_msq_connect.c b/src/msq/ntapi_msq_connect.c
index 301adfa..b93fb94 100644
--- a/src/msq/ntapi_msq_connect.c
+++ b/src/msq/ntapi_msq_connect.c
@@ -103,7 +103,11 @@ static int32_t __msqpid_symlink_set(
 	if (!rtdata->hmsqpiddir) {
 		if ((status = __ntapi->tt_open_ipc_object_directory(
 				&hpiddir,
-				NT_DIRECTORY_ALL_ACCESS,
+				NT_SEC_READ_CONTROL
+					| NT_DIRECTORY_QUERY
+					| NT_DIRECTORY_TRAVERSE
+					| NT_DIRECTORY_CREATE_OBJECT
+					| NT_DIRECTORY_CREATE_SUBDIRECTORY,
 				p_msqpid,&g_msqpid)))
 			return status;
 
@@ -294,7 +298,7 @@ int32_t	__stdcall __ntapi_msq_open(
 
 	status = __ntapi->zw_open_symbolic_link_object(
 		&hsymlink,
-		NT_SEC_STANDARD_RIGHTS_READ | NT_GENERIC_READ,
+		NT_SYMBOLIC_LINK_QUERY,
 		&ipcoa);
 
 	switch (status) {