archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/base/ntsetup/winnt32/dll/security.c

468 lines
10 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include "precomp.h"
  2. #pragma hdrstop
  5. #ifdef UNICODE
  7. BOOL
  8. MyCheckTokenMembership (
  9. IN HANDLE TokenHandle OPTIONAL,
  10. IN PSID SidToCheck,
  11. OUT PBOOL IsMember
  12. )
  13. /*++
  15. Routine Description:
  17. This function checks to see whether the specified sid is enabled in
  18. the specified token.
  20. It was copied from advapi32\security.c
  22. Arguments:
  24. TokenHandle - If present, this token is checked for the sid. If not
  25. present then the current effective token will be used. This must
  26. be an impersonation token.
  28. SidToCheck - The sid to check for presence in the token
  30. IsMember - If the sid is enabled in the token, contains TRUE otherwise
  31. false.
  33. Return Value:
  35. TRUE - The API completed successfully. It does not indicate that the
  36. sid is a member of the token.
  38. FALSE - The API failed. A more detailed status code can be retrieved
  39. via GetLastError()
  42. --*/
  43. {
  44. HANDLE ProcessToken = NULL;
  45. HANDLE EffectiveToken = NULL;
  46. NTSTATUS Status = STATUS_SUCCESS;
  47. PISECURITY_DESCRIPTOR SecDesc = NULL;
  48. ULONG SecurityDescriptorSize;
  49. GENERIC_MAPPING GenericMapping = {
  50. STANDARD_RIGHTS_READ,
  51. STANDARD_RIGHTS_EXECUTE,
  52. STANDARD_RIGHTS_WRITE,
  53. STANDARD_RIGHTS_ALL };
  54. //
  55. // The size of the privilege set needs to contain the set itself plus
  56. // any privileges that may be used. The privileges that are used
  57. // are SeTakeOwnership and SeSecurity, plus one for good measure
  58. //
  60. BYTE PrivilegeSetBuffer[sizeof(PRIVILEGE_SET) + 3*sizeof(LUID_AND_ATTRIBUTES)];
  61. PPRIVILEGE_SET PrivilegeSet = (PPRIVILEGE_SET) PrivilegeSetBuffer;
  62. ULONG PrivilegeSetLength = sizeof(PrivilegeSetBuffer);
  63. ACCESS_MASK AccessGranted = 0;
  64. NTSTATUS AccessStatus = 0;
  65. PACL Dacl = NULL;
  67. #define MEMBER_ACCESS 1
  69. *IsMember = FALSE;
  71. //
  72. // Get a handle to the token
  73. //
  75. if (ARGUMENT_PRESENT(TokenHandle))
  76. {
  77. EffectiveToken = TokenHandle;
  78. }
  79. else
  80. {
  81. Status = NtOpenThreadToken(
  82. NtCurrentThread(),
  83. TOKEN_QUERY,
  84. FALSE, // don't open as self
  85. &EffectiveToken
  86. );
  88. //
  89. // if there is no thread token, try the process token
  90. //
  92. if (Status == STATUS_NO_TOKEN)
  93. {
  94. Status = NtOpenProcessToken(
  95. NtCurrentProcess(),
  96. TOKEN_QUERY | TOKEN_DUPLICATE,
  97. &ProcessToken
  98. );
  99. //
  100. // If we have a process token, we need to convert it to an
  101. // impersonation token
  102. //
  104. if (NT_SUCCESS(Status))
  105. {
  106. BOOL Result;
  107. Result = DuplicateToken(
  108. ProcessToken,
  109. SecurityImpersonation,
  110. &EffectiveToken
  111. );
  113. CloseHandle(ProcessToken);
  114. if (!Result)
  115. {
  116. return(FALSE);
  117. }
  118. }
  119. }
  121. if (!NT_SUCCESS(Status))
  122. {
  123. goto Cleanup;
  124. }
  126. }
  128. //
  129. // Construct a security descriptor to pass to access check
  130. //
  132. //
  133. // The size is equal to the size of an SD + twice the length of the SID
  134. // (for owner and group) + size of the DACL = sizeof ACL + size of the
  135. // ACE, which is an ACE + length of
  136. // ths SID.
  137. //
  139. SecurityDescriptorSize = sizeof(SECURITY_DESCRIPTOR) +
  140. sizeof(ACCESS_ALLOWED_ACE) +
  141. sizeof(ACL) +
  142. 3 * RtlLengthSid(SidToCheck);
  144. SecDesc = (PISECURITY_DESCRIPTOR) LocalAlloc(LMEM_ZEROINIT, SecurityDescriptorSize );
  145. if (SecDesc == NULL)
  146. {
  147. Status = STATUS_INSUFFICIENT_RESOURCES;
  148. goto Cleanup;
  149. }
  150. Dacl = (PACL) (SecDesc + 1);
  152. RtlCreateSecurityDescriptor(
  153. SecDesc,
  154. SECURITY_DESCRIPTOR_REVISION
  155. );
  157. //
  158. // Fill in fields of security descriptor
  159. //
  161. RtlSetOwnerSecurityDescriptor(
  162. SecDesc,
  163. SidToCheck,
  164. FALSE
  165. );
  166. RtlSetGroupSecurityDescriptor(
  167. SecDesc,
  168. SidToCheck,
  169. FALSE
  170. );
  172. Status = RtlCreateAcl(
  173. Dacl,
  174. SecurityDescriptorSize - sizeof(SECURITY_DESCRIPTOR),
  175. ACL_REVISION
  176. );
  177. if (!NT_SUCCESS(Status))
  178. {
  179. goto Cleanup;
  180. }
  181. Status = RtlAddAccessAllowedAce(
  182. Dacl,
  183. ACL_REVISION,
  184. MEMBER_ACCESS,
  185. SidToCheck
  186. );
  188. if (!NT_SUCCESS(Status))
  189. {
  190. goto Cleanup;
  191. }
  193. //
  194. // Set the DACL on the security descriptor
  195. //
  197. Status = RtlSetDaclSecurityDescriptor(
  198. SecDesc,
  199. TRUE, // DACL present
  200. Dacl,
  201. FALSE // not defaulted
  202. );
  203. if (!NT_SUCCESS(Status))
  204. {
  205. goto Cleanup;
  206. }
  208. Status = NtAccessCheck(
  209. SecDesc,
  210. EffectiveToken,
  211. MEMBER_ACCESS,
  212. &GenericMapping,
  213. PrivilegeSet,
  214. &PrivilegeSetLength,
  215. &AccessGranted,
  216. &AccessStatus
  217. );
  218. if (!NT_SUCCESS(Status))
  219. {
  220. goto Cleanup;
  221. }
  223. //
  224. // if the access check failed, then the sid is not a member of the
  225. // token
  226. //
  228. if ((AccessStatus == STATUS_SUCCESS) && (AccessGranted == MEMBER_ACCESS))
  229. {
  230. *IsMember = TRUE;
  231. }
  236. Cleanup:
  237. if (!ARGUMENT_PRESENT(TokenHandle) && (EffectiveToken != NULL))
  238. {
  239. (VOID) NtClose(EffectiveToken);
  240. }
  242. if (SecDesc != NULL)
  243. {
  244. LocalFree(SecDesc);
  245. }
  247. if (!NT_SUCCESS(Status))
  248. {
  249. SetLastError (RtlNtStatusToDosError (Status));
  250. return(FALSE);
  251. }
  252. else
  253. {
  254. return(TRUE);
  255. }
  256. }
  258. #endif
  260. BOOL
  261. IsUserAdmin(
  262. VOID
  263. )
  265. /*++
  267. Routine Description:
  269. This routine returns TRUE if the caller's process is a
  270. member of the Administrators local group.
  272. Caller is NOT expected to be impersonating anyone and IS
  273. expected to be able to open their own process and process
  274. token.
  276. Arguments:
  278. None.
  280. Return Value:
  282. TRUE - Caller has Administrators local group.
  284. FALSE - Caller does not have Administrators local group.
  286. --*/
  288. {
  289. #ifdef UNICODE
  291. BOOL b;
  292. SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
  293. PSID AdministratorsGroup;
  295. //
  296. // On non-NT platforms the user is administrator.
  297. //
  298. if(!ISNT()) {
  299. return(TRUE);
  300. }
  302. b = AllocateAndInitializeSid (
  303. &NtAuthority,
  304. 2,
  305. SECURITY_BUILTIN_DOMAIN_RID,
  306. DOMAIN_ALIAS_RID_ADMINS,
  307. 0, 0, 0, 0, 0, 0,
  308. &AdministratorsGroup
  309. );
  311. if (b) {
  312. //
  313. // See if the user has the administrators group.
  314. //
  315. if (!MyCheckTokenMembership (NULL, AdministratorsGroup, &b)) {
  316. b = FALSE;
  317. }
  319. FreeSid(AdministratorsGroup);
  320. }
  322. return(b);
  324. #else
  326. return TRUE;
  328. #endif
  329. }
  333. BOOL
  334. DoesUserHavePrivilege(
  335. PCTSTR PrivilegeName
  336. )
  338. /*++
  340. Routine Description:
  342. This routine returns TRUE if the caller's process has
  343. the specified privilege. The privilege does not have
  344. to be currently enabled. This routine is used to indicate
  345. whether the caller has the potential to enable the privilege.
  347. Caller is NOT expected to be impersonating anyone and IS
  348. expected to be able to open their own process and process
  349. token.
  351. Arguments:
  353. Privilege - the name form of privilege ID (such as
  354. SE_SECURITY_NAME).
  356. Return Value:
  358. TRUE - Caller has the specified privilege.
  360. FALSE - Caller does not have the specified privilege.
  362. --*/
  364. {
  365. HANDLE Token;
  366. ULONG BytesRequired;
  367. PTOKEN_PRIVILEGES Privileges;
  368. BOOL b;
  369. DWORD i;
  370. LUID Luid;
  372. //
  373. // On non-NT platforms the user has all privileges
  374. //
  375. if(!ISNT()) {
  376. return(TRUE);
  377. }
  379. //
  380. // Open the process token.
  381. //
  382. if(!OpenProcessToken(GetCurrentProcess(),TOKEN_QUERY,&Token)) {
  383. return(FALSE);
  384. }
  386. b = FALSE;
  387. Privileges = NULL;
  389. //
  390. // Get privilege information.
  391. //
  392. if(!GetTokenInformation(Token,TokenPrivileges,NULL,0,&BytesRequired)
  393. && (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
  394. && (Privileges = (PTOKEN_PRIVILEGES)LocalAlloc(LPTR,BytesRequired))
  395. && GetTokenInformation(Token,TokenPrivileges,Privileges,BytesRequired,&BytesRequired)
  396. && LookupPrivilegeValue(NULL,PrivilegeName,&Luid)) {
  398. //
  399. // See if we have the requested privilege
  400. //
  401. for(i=0; i<Privileges->PrivilegeCount; i++) {
  403. if(!memcmp(&Luid,&Privileges->Privileges[i].Luid,sizeof(LUID))) {
  405. b = TRUE;
  406. break;
  407. }
  408. }
  409. }
  411. //
  412. // Clean up and return.
  413. //
  415. if(Privileges) {
  416. LocalFree((HLOCAL)Privileges);
  417. }
  419. CloseHandle(Token);
  421. return(b);
  422. }
  425. BOOL
  426. EnablePrivilege(
  427. IN PTSTR PrivilegeName,
  428. IN BOOL Enable
  429. )
  430. {
  431. HANDLE Token;
  432. BOOL b;
  433. TOKEN_PRIVILEGES NewPrivileges;
  434. LUID Luid;
  436. //
  437. // On non-NT platforms the user already has all privileges
  438. //
  439. if(!ISNT()) {
  440. return(TRUE);
  441. }
  443. if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&Token)) {
  444. return(FALSE);
  445. }
  447. if(!LookupPrivilegeValue(NULL,PrivilegeName,&Luid)) {
  448. CloseHandle(Token);
  449. return(FALSE);
  450. }
  452. NewPrivileges.PrivilegeCount = 1;
  453. NewPrivileges.Privileges[0].Luid = Luid;
  454. NewPrivileges.Privileges[0].Attributes = Enable ? SE_PRIVILEGE_ENABLED : 0;
  456. b = AdjustTokenPrivileges(
  457. Token,
  458. FALSE,
  459. &NewPrivileges,
  460. 0,
  461. NULL,
  462. NULL
  463. );
  465. CloseHandle(Token);
  467. return(b);
  468. }