1 files changed, 102 insertions, 2 deletions

diff --git a/opentrack-compat/shm.cpp b/opentrack-compat/shm.cpp
index 029a4c95..9eb1b90e 100644
--- a/opentrack-compat/shm.cpp
+++ b/opentrack-compat/shm.cpp
@@ -6,15 +6,115 @@
  */
 
 #include <cstring>
+#include <cstdio>
 #include "shm.h"
 
 #if defined(_WIN32)
+
+#include <accctrl.h>
+#include <aclapi.h>
+
+struct secattr
+{
+    bool success;
+    SECURITY_DESCRIPTOR* pSD;
+    SECURITY_ATTRIBUTES attrs;
+    PSID pEveryoneSID;
+    PACL pACL;
+
+    void cleanup()
+    {
+        if (pEveryoneSID)
+            FreeSid(pEveryoneSID);
+        if (pACL)
+            LocalFree(pACL);
+        if (pSD)
+            LocalFree(pSD);
+        success = false;
+        pSD = nullptr;
+        pEveryoneSID = nullptr;
+        pACL = nullptr;
+    }
+
+    secattr() : success(true), pSD(nullptr), pEveryoneSID(nullptr), pACL(nullptr)
+    {
+        SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
+        EXPLICIT_ACCESS ea;
+
+        if(!AllocateAndInitializeSid(&SIDAuthWorld, 1,
+                         SECURITY_WORLD_RID,
+                         0, 0, 0, 0, 0, 0, 0,
+                         &pEveryoneSID))
+        {
+            fprintf(stderr, "AllocateAndInitializeSid: %d\n", (int) GetLastError());
+            goto cleanup;
+        }
+
+        memset(&ea, 0, sizeof(ea));
+
+        ea.grfAccessPermissions = KEY_READ;
+        ea.grfAccessMode = SET_ACCESS;
+        ea.grfInheritance = NO_INHERITANCE;
+        ea.Trustee.TrusteeForm = TRUSTEE_IS_SID;
+        ea.Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
+        ea.Trustee.ptstrName  = (LPTSTR) pEveryoneSID;
+
+        if (SetEntriesInAcl(1, &ea, NULL, &pACL) != ERROR_SUCCESS)
+        {
+            fprintf(stderr, "SetEntriesInAcl: %d\n", (int) GetLastError());
+            goto cleanup;
+        }
+
+        pSD = (SECURITY_DESCRIPTOR*) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
+        if (pSD == nullptr)
+        {
+            fprintf(stderr, "LocalAlloc: %d\n", (int) GetLastError());
+            goto cleanup;
+        }
+
+        if (!InitializeSecurityDescriptor(pSD,
+                    SECURITY_DESCRIPTOR_REVISION))
+        {
+            fprintf(stderr, "InitializeSecurityDescriptor: %d\n", (int) GetLastError());
+            goto cleanup;
+        }
+
+        if (!SetSecurityDescriptorDacl(pSD,
+                                       TRUE,
+                                       pACL,
+                                       FALSE))
+        {
+            fprintf(stderr, "SetSecurityDescriptorDacl: %d\n", (int) GetLastError());
+            goto cleanup;
+        }
+
+        attrs.bInheritHandle = false;
+        attrs.lpSecurityDescriptor = pSD;
+        attrs.nLength = sizeof(SECURITY_ATTRIBUTES);
+
+        fprintf(stderr, "security descriptor ok\n");
+        fflush(stderr);
+
+        return;
+cleanup:
+        fflush(stderr);
+        cleanup();
+    }
+
+    ~secattr()
+    {
+        cleanup();
+    }
+};
+
 PortableLockedShm::PortableLockedShm(const char* shmName, const char* mutexName, int mapSize)
 {
-    hMutex = CreateMutexA(NULL, false, mutexName);
+    secattr sa;
+
+    hMutex = CreateMutexA(sa.success ? &sa.attrs : nullptr, false, mutexName);
     hMapFile = CreateFileMappingA(
                  INVALID_HANDLE_VALUE,
-                 NULL,
+                 sa.success ? &sa.attrs : nullptr,
                  PAGE_READWRITE,
                  0,
                  mapSize,