summaryrefslogtreecommitdiffstats
path: root/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp')
-rw-r--r--src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp12
1 files changed, 6 insertions, 6 deletions
diff --git a/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp b/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp
index 747d975e..c05d0210 100644
--- a/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp
+++ b/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp
@@ -807,7 +807,7 @@ static int supHardNtViCheckIfNotSignedOk(RTLDRMOD hLdrMod, PCRTUTF16 pwszName, u
pwsz = pwszName + cwcOther + 1;
/* Must be owned by trusted installer. (This test is superfuous, thus no relaxation here.) */
- if ( !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
+ if ( !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OR_SIMILAR_OWNER)
&& !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
return rc;
@@ -868,7 +868,7 @@ static int supHardNtViCheckIfNotSignedOk(RTLDRMOD hLdrMod, PCRTUTF16 pwszName, u
return rc;
/* Must be owned by trusted installer. */
- if ( !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
+ if ( !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OR_SIMILAR_OWNER)
&& !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
return rc;
return VINF_LDRVI_NOT_SIGNED;
@@ -885,7 +885,7 @@ static int supHardNtViCheckIfNotSignedOk(RTLDRMOD hLdrMod, PCRTUTF16 pwszName, u
cwcOther = g_System32NtPath.UniStr.Length / sizeof(WCHAR); /* ASSUMES System32 is called System32. */
pwsz = pwszName + cwcOther + 1;
- if ( !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
+ if ( !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OR_SIMILAR_OWNER)
&& !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
return rc;
@@ -933,7 +933,7 @@ static int supHardNtViCheckIfNotSignedOk(RTLDRMOD hLdrMod, PCRTUTF16 pwszName, u
# endif
)
{
- if ( !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
+ if ( !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OR_SIMILAR_OWNER)
&& !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
return rc;
return VINF_LDRVI_NOT_SIGNED;
@@ -943,7 +943,7 @@ static int supHardNtViCheckIfNotSignedOk(RTLDRMOD hLdrMod, PCRTUTF16 pwszName, u
/*
* Anything that's owned by the trusted installer.
*/
- if ( (fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
+ if ( (fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OR_SIMILAR_OWNER)
|| supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
return VINF_LDRVI_NOT_SIGNED;
@@ -1379,7 +1379,7 @@ DECLHIDDEN(int) supHardenedWinVerifyImageByLdrMod(RTLDRMOD hLdrMod, PCRTUTF16 pw
*/
/** @todo Since we're now allowing Builtin\\Administrators after all, perhaps we
* could drop these system32 + winsxs hacks?? */
- if ( (pNtViRdr->fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
+ if ( (pNtViRdr->fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OR_SIMILAR_OWNER)
&& !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(pNtViRdr->hFile, pwszName))
{
if (supHardViUtf16PathStartsWithEx(pwszName, (uint32_t)RTUtf16Len(pwszName),