/****************************** Module Header ******************************\
* Module Name: security.h
*
* Copyright (c) 1991, Microsoft Corporation
*
* Define various winlogon security-related routines
*
* History:
* 12-09-91 Davidc Created.
\***************************************************************************/
//
// Global SID pointer defined in another translation unit; presumably the
// SID that identifies winlogon itself (inferred from the name).
// NOTE(review): where it is allocated, and whether it can be NULL before
// initialization has run, is not visible from this header - confirm.
//
extern PSID pWinlogonSid;
//
// Types used by security descriptor helper routines
//
//
// Index/count type for ACE arrays, plus its pointer form.
// ACEINDEX is a signed LONG, so a negative count is representable.
// NOTE(review): confirm that routines taking an ACEINDEX count (for example
// CreateSecurityDescriptor's AceCount) reject values <= 0 before sizing an ACL.
//
typedef LONG ACEINDEX, *PACEINDEX;
//
// One entry passed to the security descriptor helpers: a SID, the access
// mask that goes with it, and the inheritance flags for the resulting ACE.
// NOTE(review): Sid is a bare pointer; presumably the struct does not own
// the SID and the caller must keep it alive - confirm. Whether an entry
// becomes an allow or a deny ACE is not expressed by this type.
//
typedef struct _MYACE {
    PSID        Sid;
    ACCESS_MASK AccessMask;
    UCHAR       InheritFlags;
} MYACE, *PMYACE;
//
// Exported function prototypes
//
//
// Takes a MYACE and one value for each of its three fields; presumably it
// just stores them (implementation not shown here).
// Returns nothing, so it cannot report a NULL MyAce or an invalid Sid.
//
VOID SetMyAce(
    PMYACE      MyAce,
    PSID        Sid,
    ACCESS_MASK Mask,
    UCHAR       InheritFlags
);
//
// Returns a security descriptor built from MyAce/AceCount; presumably MyAce
// points to an array of AceCount entries.
// NOTE(review): the failure value (presumably NULL) and the allocator are
// not visible here. Callers should check the result before applying it to
// an object and presumably release it with DeleteSecurityDescriptor.
//
PSECURITY_DESCRIPTOR CreateSecurityDescriptor(
    PMYACE   MyAce,
    ACEINDEX AceCount
);
//
// Releases a security descriptor; presumably the counterpart of
// CreateSecurityDescriptor.
// NOTE(review): whether descriptors obtained elsewhere may be passed in,
// and whether NULL is tolerated, is not stated - confirm.
//
BOOL DeleteSecurityDescriptor(
    PSECURITY_DESCRIPTOR SecurityDescriptor
);
//
// Sets window station protection for the given user SID, using state from
// pGlobals (details not visible in this header).
// Callers should treat a FALSE return as fatal for the logon step: if it is
// ignored, the window station presumably keeps whatever protection it had.
//
BOOL SetWindowStationSecurity(
    IN PGLOBALS pGlobals,
    IN PSID     UserSid
);
//
// Sets protection on a desktop handle using only the winlogon SID;
// presumably this is the desktop no user SID should be granted access to.
// NOTE(review): the resulting ACL is not visible here - confirm it grants
// nothing to interactive users, and check the BOOL result at every call.
//
BOOL SetWinlogonDesktopSecurity(
    IN HDESK hdesk,
    IN PSID  WinlogonSid
);
//
// Sets protection on a desktop handle for both the user SID and the
// winlogon SID.
// NOTE(review): which rights each SID receives is decided in the
// implementation, not here; a FALSE return should not be ignored.
//
BOOL SetUserDesktopSecurity(
    IN HDESK hdesk,
    IN PSID  UserSid,
    IN PSID  WinlogonSid
);
//
// One-time security setup driven by pGlobals; presumably this is where
// pWinlogonSid gets its value - confirm in the implementation.
// Returns BOOL; the other routines in this header should presumably not be
// used if it fails.
//
BOOL InitializeSecurity(
    PGLOBALS pGlobals
);
//
// Returns a SID for a logon session; LogonId is OPTIONAL.
// NOTE(review): what is written through LogonId when it is supplied, and
// the failure value (presumably NULL), are not visible here. The result is
// presumably released with DeleteLogonSid.
//
PSID CreateLogonSid(
    PLUID LogonId OPTIONAL
);
//
// Releases a SID; presumably the counterpart of CreateLogonSid.
// Returns nothing. Callers should drop every copy of the pointer afterwards,
// including any stored in ACE descriptions that have not been consumed yet.
//
VOID DeleteLogonSid(
    PSID Sid
);
//
// Returns a security descriptor for a user profile key, built from the user
// and winlogon SIDs.
// NOTE(review): AllAccess presumably widens what the user SID is granted;
// the two resulting ACLs are not visible here - confirm which callers pass
// TRUE. Failure value presumably NULL.
//
PSECURITY_DESCRIPTOR CreateUserProfileKeySD(
    PSID UserSid,
    PSID WinlogonSid,
    BOOL AllAccess
);
//
// Turns a privilege, identified by a ULONG value, on or off according to
// Enable.
// NOTE(review): which token is adjusted (process or thread) is not visible
// here. Callers that enable a privilege should disable it again on every
// exit path and check the BOOL result before relying on it.
//
BOOL EnablePrivilege(
    ULONG Privilege,
    BOOL  Enable
);
//
// Resets a USER_PROCESS_DATA block; presumably the counterpart of
// SetUserProcessData.
// NOTE(review): whether it closes the token handle and frees descriptors
// held in the block, or only zeroes the fields, is not visible here.
//
VOID ClearUserProcessData(
    PUSER_PROCESS_DATA UserProcessData
);
//
// Fills a USER_PROCESS_DATA block from a user token, optional quota limits
// and the user and winlogon SIDs.
// NOTE(review): whether the block takes ownership of UserToken or
// duplicates it is not visible here - confirm before closing the handle in
// the caller.
//
BOOL SetUserProcessData(
    PUSER_PROCESS_DATA UserProcessData,
    HANDLE             UserToken,
    PQUOTA_LIMITS      Quotas OPTIONAL,
    PSID               UserSid,
    PSID               WinlogonSid
);
//
// Switches the security state held in pGlobals to a different user,
// described by a token, optional quotas and a logon SID.
// NOTE(review): UserLoggedOn presumably distinguishes logon from logoff;
// on a FALSE return it is not stated whether the previous state is left
// intact - confirm, since a half-applied change is the risky case.
//
BOOL SecurityChangeUser(
    PGLOBALS      pGlobals,
    HANDLE        Token,
    PQUOTA_LIMITS Quotas OPTIONAL,
    PSID          LogonSid,
    BOOL          UserLoggedOn
);
//
// Reports whether a token counts as an administrator.
// NOTE(review): the BOOL cannot distinguish "not an admin" from "the check
// itself failed"; presumably both return FALSE, which is the safe
// direction - confirm in the implementation.
//
BOOL TestTokenForAdmin(
    HANDLE Token
);
//
// Reports whether the named user counts as an administrator, given user
// name, domain and password.
// PasswordString carries a credential. NOTE(review): whether it is expected
// in hidden form (see HidePassword) or in clear is not stated here; either
// way the caller should erase it once this returns.
//
BOOL TestUserForAdmin(
    PGLOBALS pGlobals,
    IN PWCHAR UserName,
    IN PWCHAR Domain,
    IN PUNICODE_STRING PasswordString
);
//
// Starts impersonating the user described by UserProcessData and returns a
// HANDLE; ThreadHandle is OPTIONAL.
// NOTE(review): the failure value is not stated (presumably NULL). Callers
// must check it before doing work on the user's behalf; otherwise that work
// runs in winlogon's own security context. The returned handle is
// presumably what StopImpersonating expects.
//
HANDLE ImpersonateUser(
    PUSER_PROCESS_DATA UserProcessData,
    HANDLE             ThreadHandle OPTIONAL
);
//
// Ends impersonation on the given thread handle; presumably paired with
// ImpersonateUser.
// A FALSE return means the thread may still be impersonating - callers
// should not continue as if they were back in winlogon's context.
//
BOOL StopImpersonating(
    HANDLE ThreadHandle
);
//
// Reports whether the user tracked in pGlobals has the given privilege.
// NOTE(review): whether "has" means held or enabled, and what is returned
// when no user is logged on, is not visible here - confirm.
//
BOOL TestUserPrivilege(
    PGLOBALS pGlobals,
    ULONG    Privilege
);
//
// Transforms a password string, optionally using a caller-supplied seed
// byte pointer.
// It is declared alongside RevealPassword, which suggests the transform is
// reversible. NOTE(review): if so, this is in-memory obfuscation and does
// not protect the password from anything that can read winlogon's memory.
// What Seed holds, and whether it is written back, is not visible here.
//
VOID HidePassword(
    PUCHAR          Seed OPTIONAL,
    PUNICODE_STRING Password
);
//
// Presumably reverses HidePassword on the same string.
// After this call the buffer presumably holds the clear-text password, so
// callers should keep that window short and follow with ErasePassword or
// HidePassword. NOTE(review): how the seed is recovered is not shown here.
//
VOID RevealPassword(
    PUNICODE_STRING HiddenPassword
);
//
// Presumably overwrites the password buffer.
// NOTE(review): confirm the implementation clears the whole buffer
// (MaximumLength, not just Length) and that the write cannot be optimised
// away as a dead store.
//
VOID ErasePassword(
    PUNICODE_STRING Password
);
//
// Assigns hToken to a process, given its process and thread handles and a
// security descriptor.
// NOTE(review): which object psd is applied to is not visible here. On a
// FALSE return the process presumably still holds its original token, so
// the caller must not let it run.
//
BOOL SetProcessToken(
    HANDLE               hProcess,
    HANDLE               hThread,
    PSECURITY_DESCRIPTOR psd,
    HANDLE               hToken
);
//
// Returns a security descriptor for a user thread, built from the user and
// winlogon SIDs.
// NOTE(review): the rights granted to each SID and the failure value
// (presumably NULL) are not visible here; the result is presumably released
// with DeleteSecurityDescriptor.
//
PSECURITY_DESCRIPTOR CreateUserThreadSD(
    PSID UserSid,
    PSID WinlogonSid
);
//
// Returns a security descriptor for the token of a user thread, built from
// the user and winlogon SIDs.
// NOTE(review): the rights granted to each SID and the failure value
// (presumably NULL) are not visible here; confirm the user SID cannot
// adjust the token through this descriptor.
//
PSECURITY_DESCRIPTOR CreateUserThreadTokenSD(
    PSID UserSid,
    PSID WinlogonSid
);
//
// Starts a thread at lpStartAddress with Parameter and Flags, returns its
// handle and writes the thread id through ThreadId.
// NOTE(review): presumably the thread runs under the logged-on user's
// context taken from pGlobals; confirm the user token is applied before the
// thread can execute. Failure value presumably NULL.
//
HANDLE
ExecUserThread(
    IN  PGLOBALS               pGlobals,
    IN  LPTHREAD_START_ROUTINE lpStartAddress,
    IN  LPVOID                 Parameter,
    IN  DWORD                  Flags,
    OUT LPDWORD                ThreadId
);
//
// Removes the user identified by Token from a window station description;
// presumably the counterpart of AddUserToWinsta.
// A FALSE return presumably leaves the user's access in place, so logoff
// code should not ignore it.
//
BOOL RemoveUserFromWinsta(
    PWinstaDescription pWinsta,
    HANDLE             Token
);
//
// Adds a user, given a logon SID and a token, to a window station
// description.
// NOTE(review): which SID ends up in the ACL (LogonSid, the token's user
// SID, or both) is not visible here - confirm.
//
BOOL AddUserToWinsta(
    PWinstaDescription pWinsta,
    PSID               LogonSid,
    HANDLE             Token
);
//
// Sets window station protection from a window station description, with a
// BOOL selecting full access.
// NOTE(review): who receives full access when FullAccess is TRUE, and what
// "fast" skips compared with SetWindowStationSecurity, is not visible
// here - confirm.
//
BOOL FastSetWinstaSecurity(
    PWinstaDescription pWinsta,
    BOOL               FullAccess
);