archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/authz/test/makesd/main.c

134 lines
3.6 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include "pch.h"
  2. #include "makesd.h"
  4. #include <stdio.h>
  6. #define MAILRM_IDENTIFIER_AUTHORITY { 0, 0, 0, 0, 0, 42 }
  8. SID sInsecureSid = { SID_REVISION, 1, MAILRM_IDENTIFIER_AUTHORITY, 1 };
  9. SID sBobSid = { SID_REVISION, 1, MAILRM_IDENTIFIER_AUTHORITY, 2 };
  10. SID sMarthaSid= { SID_REVISION, 1, MAILRM_IDENTIFIER_AUTHORITY, 3 };
  11. SID sJoeSid = { SID_REVISION, 1, MAILRM_IDENTIFIER_AUTHORITY, 4 };
  12. SID sJaneSid = { SID_REVISION, 1, MAILRM_IDENTIFIER_AUTHORITY, 5 };
  13. SID sMailAdminsSid = { SID_REVISION, 1, MAILRM_IDENTIFIER_AUTHORITY, 6 };
  15. PSID InsecureSid = &sInsecureSid;
  16. PSID BobSid = &sBobSid;
  17. PSID MarthaSid= &sMarthaSid;
  18. PSID JoeSid = &sJoeSid;
  19. PSID JaneSid = &sJaneSid;
  20. PSID MailAdminsSid = &sMailAdminsSid;
  22. //
  23. // Principal self SID. When used in an ACE, the Authz access check replaces it
  24. // by the passed in PrincipalSelfSid parameter during the access check. In this
  25. // case, it is replaced by the owner's SID retrieved from the mailbox.
  26. //
  28. SID sPrincipalSelfSid = {
  29. SID_REVISION,
  30. 1,
  31. SECURITY_NT_AUTHORITY,
  32. SECURITY_PRINCIPAL_SELF_RID
  33. };
  35. SID sNetworkSid = {
  36. SID_REVISION,
  37. 1,
  38. SECURITY_NT_AUTHORITY,
  39. SECURITY_NETWORK_RID
  40. };
  42. SID sAuthenticatedSid = {
  43. SID_REVISION,
  44. 1,
  45. SECURITY_NT_AUTHORITY,
  46. SECURITY_AUTHENTICATED_USER_RID,
  47. };
  49. SID sDialupSid = {
  50. SID_REVISION,
  51. 1,
  52. SECURITY_NT_AUTHORITY,
  53. SECURITY_DIALUP_RID,
  54. };
  56. PSID PrincipalSelfSid = &sPrincipalSelfSid;
  57. PSID NetworkSid = &sNetworkSid;
  58. PSID AuthenticatedSid = &sAuthenticatedSid;
  59. PSID DialupSid = &sDialupSid;
  63. void __cdecl wmain(int argc, WCHAR *argv[])
  64. {
  66. PSECURITY_DESCRIPTOR pSd;
  68. BOOL bSuccess;
  70. if( argc != 2 )
  71. {
  72. printf("Error: makesd <filename>\n");
  73. }
  75. bSuccess = CreateSecurityDescriptor2(
  76. &pSd, // SD
  77. 0, // SD Control
  78. PrincipalSelfSid, // owner
  79. NULL, // group
  80. TRUE, // DACL present
  81. 3, // 3 DACL ACEs
  82. FALSE, // SACL not present
  83. 0, // 0 SACL ACEs
  85. // Var argl list
  86. ACCESS_DENIED_ACE_TYPE,
  87. OBJECT_INHERIT_ACE,
  88. DialupSid,
  89. FILE_GENERIC_READ,
  91. ACCESS_ALLOWED_ACE_TYPE,
  92. OBJECT_INHERIT_ACE,
  93. AuthenticatedSid,
  94. FILE_GENERIC_READ,
  96. ACCESS_ALLOWED_CALLBACK_ACE_TYPE,
  97. OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE,
  98. PrincipalSelfSid,
  99. FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE,
  100. 0,
  101. NULL
  103. );
  105. if( !bSuccess )
  106. {
  107. printf("Error: %u\n", GetLastError());
  108. exit(0);
  109. }
  111. bSuccess = IsValidSecurityDescriptor(pSd);
  113. if( !bSuccess )
  114. {
  115. printf("Error: Invalid security descriptor\n");
  116. exit(0);
  117. }
  120. bSuccess = SetFileSecurity(
  121. argv[1],
  122. DACL_SECURITY_INFORMATION,
  123. pSd);
  125. if( !bSuccess )
  126. {
  127. printf("Error setting sec: %u\n", GetLastError());
  128. exit(0);
  129. }
  131. FreeSecurityDescriptor2(pSd);
  132. printf("Success\n");
  134. }