archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/drivers/storage/newft/espprot.cxx

92 lines
2.6 KiB
Raw Normal View History

commiting as it is
5 years ago
  1. extern "C" {
  2. #include <ntosp.h>
  3. #include <zwapi.h>
  4. }
  6. #include <ftdisk.h>
  9. NTSTATUS
  10. FtpApplyESPProtection(
  11. IN PUNICODE_STRING PartitionName
  12. )
  14. {
  15. ULONG length;
  16. PACL acl;
  17. NTSTATUS status;
  18. SECURITY_DESCRIPTOR sd;
  19. OBJECT_ATTRIBUTES oa;
  20. HANDLE h;
  21. IO_STATUS_BLOCK ioStatus;
  23. length = sizeof(ACL) + 3*sizeof(ACCESS_ALLOWED_ACE) +
  24. RtlLengthSid(SeExports->SeLocalSystemSid) +
  25. RtlLengthSid(SeExports->SeAliasAdminsSid) +
  26. RtlLengthSid(SeExports->SeWorldSid) +
  27. 8; // The 8 is just for good measure.
  29. acl = (PACL) ExAllocatePool(PagedPool, length);
  30. if (!acl) {
  31. return STATUS_INSUFFICIENT_RESOURCES;
  32. }
  34. status = RtlCreateAcl(acl, length, ACL_REVISION2);
  35. if (!NT_SUCCESS(status)) {
  36. ExFreePool(acl);
  37. return status;
  38. }
  40. status = RtlAddAccessAllowedAce(acl, ACL_REVISION2, FILE_READ_ATTRIBUTES |
  41. SYNCHRONIZE | READ_CONTROL,
  42. SeExports->SeWorldSid);
  43. if (!NT_SUCCESS(status)) {
  44. ExFreePool(acl);
  45. return status;
  46. }
  48. status = RtlAddAccessAllowedAce(acl, ACL_REVISION2, GENERIC_ALL,
  49. SeExports->SeLocalSystemSid);
  50. if (!NT_SUCCESS(status)) {
  51. ExFreePool(acl);
  52. return status;
  53. }
  55. status = RtlAddAccessAllowedAce(acl, ACL_REVISION2, GENERIC_READ |
  56. GENERIC_WRITE | GENERIC_EXECUTE |
  57. READ_CONTROL, SeExports->SeAliasAdminsSid);
  58. if (!NT_SUCCESS(status)) {
  59. ExFreePool(acl);
  60. return status;
  61. }
  63. status = RtlCreateSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
  64. if (!NT_SUCCESS(status)) {
  65. ExFreePool(acl);
  66. return status;
  67. }
  69. status = RtlSetDaclSecurityDescriptor(&sd, TRUE, acl, FALSE);
  70. if (!NT_SUCCESS(status)) {
  71. ExFreePool(acl);
  72. return status;
  73. }
  75. InitializeObjectAttributes(&oa, PartitionName, OBJ_CASE_INSENSITIVE |
  76. OBJ_KERNEL_HANDLE, NULL, NULL);
  78. status = ZwOpenFile(&h, WRITE_DAC, &oa, &ioStatus, FILE_SHARE_READ |
  79. FILE_SHARE_WRITE | FILE_SHARE_DELETE,
  80. FILE_SYNCHRONOUS_IO_ALERT);
  81. if (!NT_SUCCESS(status)) {
  82. ExFreePool(acl);
  83. return status;
  84. }
  86. status = ZwSetSecurityObject(h, DACL_SECURITY_INFORMATION, &sd);
  88. ZwClose(h);
  89. ExFreePool(acl);
  91. return status;
  92. }