Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

122 lines
3.5 KiB

  1. /*++
  2. Copyright (C) Microsoft Corporation, 1996 - 1999
  3. Module Name:
  4. NTacls
  5. Abstract:
  6. This header file describes the classes used in managing ACLs within Calais.
  7. Author:
  8. Doug Barlow (dbarlow) 1/24/1997
  9. Environment:
  10. Windows NT, Win32, C++ w/ Exceptions
  11. Notes:
  12. ?Notes?
  13. --*/
  14. #ifndef _NTACLS_H_
  15. #define _NTACLS_H_
  16. #include <wtypes.h>
  17. #include <Malloc.h>
  18. #include "buffers.h"
  19. /////////////////////////////////////////////////////////////////////////////
  20. // CSecurityDescriptor
  21. class CSecurityDescriptor
  22. {
  23. public:
  24. typedef struct {
  25. SID_IDENTIFIER_AUTHORITY sid;
  26. DWORD dwRidCount; // Actual number of RIDs following
  27. DWORD rgRids[2];
  28. } SecurityId;
  29. static const SecurityId
  30. SID_Null,
  31. SID_World,
  32. SID_Owner,
  33. SID_Group,
  34. SID_Admins,
  35. SID_SrvOps,
  36. SID_DialUp,
  37. SID_Network,
  38. SID_Batch,
  39. SID_Interactive,
  40. SID_Service,
  41. SID_System,
  42. SID_LocalService,
  43. SID_SysDomain,
  44. SID_RemoteInteractive;
  45. CSecurityDescriptor();
  46. ~CSecurityDescriptor();
  47. public:
  48. PSECURITY_DESCRIPTOR m_pSD;
  49. PSID m_pOwner;
  50. PSID m_pGroup;
  51. PACL m_pDACL;
  52. PACL m_pSACL;
  53. SECURITY_ATTRIBUTES m_saAttrs;
  54. BOOL m_fInheritance;
  55. public:
  56. HRESULT Attach(PSECURITY_DESCRIPTOR pSelfRelativeSD);
  57. HRESULT AttachObject(HANDLE hObject);
  58. HRESULT Initialize();
  59. HRESULT InitializeFromProcessToken(BOOL bDefaulted = FALSE);
  60. HRESULT InitializeFromThreadToken(BOOL bDefaulted = FALSE, BOOL bRevertToProcessToken = TRUE);
  61. HRESULT SetOwner(PSID pOwnerSid, BOOL bDefaulted = FALSE);
  62. HRESULT SetGroup(PSID pGroupSid, BOOL bDefaulted = FALSE);
  63. HRESULT Allow(const SecurityId *psidPrincipal, DWORD dwAccessMask);
  64. HRESULT Allow(LPCTSTR pszPrincipal, DWORD dwAccessMask);
  65. HRESULT AllowOwner(DWORD dwAccessMask);
  66. HRESULT Deny(const SecurityId *psidPrincipal, DWORD dwAccessMask);
  67. HRESULT Deny(LPCTSTR pszPrincipal, DWORD dwAccessMask);
  68. HRESULT Revoke(LPCTSTR pszPrincipal);
  69. void SetInheritance (BOOL fInheritance) {m_fInheritance = fInheritance;};
  70. HRESULT AddAccessAllowedACEToACL(PACL *Acl, DWORD dwAccessMask);
  71. // utility functions
  72. // Any PSID you get from these functions should be free()ed
  73. static HRESULT SetPrivilege(LPCTSTR Privilege, BOOL bEnable = TRUE, HANDLE hToken = NULL);
  74. static HRESULT GetTokenSids(HANDLE hToken, PSID* ppUserSid, PSID* ppGroupSid);
  75. static HRESULT GetProcessSids(PSID* ppUserSid, PSID* ppGroupSid = NULL);
  76. static HRESULT GetThreadSids(PSID* ppUserSid, PSID* ppGroupSid = NULL, BOOL bOpenAsSelf = FALSE);
  77. static HRESULT CopyACL(PACL pDest, PACL pSrc);
  78. static HRESULT GetCurrentUserSID(PSID *ppSid);
  79. static HRESULT GetPrincipalSID(LPCTSTR pszPrincipal, PSID *ppSid);
  80. static HRESULT AddAccessAllowedACEToACL(PACL *Acl, const SecurityId *psidPrincipal, DWORD dwAccessMask);
  81. static HRESULT AddAccessAllowedACEToACL(PACL *Acl, LPCTSTR pszPrincipal, DWORD dwAccessMask);
  82. static HRESULT AddAccessDeniedACEToACL(PACL *Acl, const SecurityId *psidPrincipal, DWORD dwAccessMask);
  83. static HRESULT AddAccessDeniedACEToACL(PACL *Acl, LPCTSTR pszPrincipal, DWORD dwAccessMask);
  84. static HRESULT RemovePrincipalFromACL(PACL Acl, LPCTSTR pszPrincipal);
  85. operator PSECURITY_DESCRIPTOR()
  86. {
  87. return m_pSD;
  88. }
  89. operator LPSECURITY_ATTRIBUTES();
  90. };
  91. #endif // _NTACLS_H_