archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/admin/cmdline/xcacls/filesec.cxx

198 lines
5.9 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+------------------------------------------------------------------
  2. //
  3. // Copyright (C) 1993, Microsoft Corporation.
  4. //
  5. // File: filesec.cxx
  6. //
  7. // Classes: CFileSecurity class encapsulating SECURITY_DESCRIPTOR
  8. //
  9. // History: Nov-93 DaveMont Created.
  10. // Oct-96 BrunoSc Modified
  11. //
  12. //-------------------------------------------------------------------
  13. #include "pch.h"
  14. #include "filesec.hxx"
  15. #include "caclsmsg.h"
  16. //+---------------------------------------------------------------------------
  17. // Function: Add2Ptr
  18. //
  19. // Synopsis: Add an unscaled increment to a ptr regardless of type.
  20. //
  21. // Arguments: [pv] -- Initial ptr.
  22. // [cb] -- Increment
  23. //
  24. // Returns: Incremented ptr.
  25. //
  26. //----------------------------------------------------------------------------
  27. VOID * Add2Ptr(VOID *pv, ULONG cb)
  28. {
  29. return((BYTE *) pv + cb);
  30. }
  31. //+---------------------------------------------------------------------------
  32. //
  33. // Member: CFileSecurity::CFileSecurity, public
  34. //
  35. // Synopsis: initializes data members
  36. // constructor will not throw
  37. //
  38. // Arguments: [filename] - name of file to apply security descriptor to
  39. //
  40. //----------------------------------------------------------------------------
  41. CFileSecurity::CFileSecurity(LPWSTR filename)
  42. : _psd(NULL),
  43. _pwfilename(filename)
  44. {
  45. }
  46. //+---------------------------------------------------------------------------
  47. //
  48. // Member: CFileSecurity::Init, public
  49. //
  50. // Synopsis: Init must be called before any other methods - this
  51. // is not enforced. gets security descriptor from file
  52. //
  53. // Arguments: none
  54. //
  55. //----------------------------------------------------------------------------
  56. ULONG CFileSecurity::Init()
  57. {
  58. ULONG ret;
  59. ULONG cpsd;
  61. // get the size of the security buffer
  62. if (!GetFileSecurity((LPCTSTR)_pwfilename,
  63. DACL_SECURITY_INFORMATION |
  64. GROUP_SECURITY_INFORMATION |
  65. OWNER_SECURITY_INFORMATION,
  66. NULL,
  67. 0,
  68. &cpsd) )
  69. {
  70. if (ERROR_INSUFFICIENT_BUFFER == (ret = GetLastError()))
  71. {
  72. if (NULL == (_psd = (BYTE *)LocalAlloc(LMEM_FIXED, cpsd)))
  73. {
  74. return(ERROR_NOT_ENOUGH_MEMORY);
  75. }
  77. // actually get the buffer this time
  79. if ( GetFileSecurity((LPCTSTR)_pwfilename,
  80. DACL_SECURITY_INFORMATION |
  81. GROUP_SECURITY_INFORMATION |
  82. OWNER_SECURITY_INFORMATION,
  83. _psd,
  84. cpsd,
  85. &cpsd) )
  86. ret = ERROR_SUCCESS;
  87. else
  88. ret = GetLastError();
  90. }
  91. // the following section was inserted to test an error when access to a file
  92. // has been denied
  93. else
  94. { if (ret == ERROR_ACCESS_DENIED)
  95. { return(ret);
  96. }
  97. }
  99. } else
  100. return(ERROR_NO_SECURITY_ON_OBJECT);
  102. return(ret);
  103. }
  104. //+---------------------------------------------------------------------------
  105. //
  106. // Member: Dtor, public
  107. //
  108. // Synopsis: frees security descriptor if allocated
  109. //
  110. // Arguments: none
  111. //
  112. //----------------------------------------------------------------------------
  113. CFileSecurity::~CFileSecurity()
  114. {
  115. if (_psd)
  116. {
  117. LocalFree(_psd);
  118. }
  119. }
  121. //+---------------------------------------------------------------------------
  122. //
  123. // Member: CFileSecurity::SetFS, public
  124. //
  125. // Synopsis: sets or modifies the security descriptor DACL on the specified file
  126. //
  127. // Arguments: IN - [fmodify] - TRUE = modify ACL, FALSE = replace ACL
  128. // IN - [pcdw] - wrapper around new ACEs
  129. // IN - [fdir] - TRUE = directory
  130. //
  131. // Returns: status
  132. //
  133. //----------------------------------------------------------------------------
  134. ULONG CFileSecurity::SetFS(BOOL fmodify, CDaclWrap *pcdw, BOOL fdir)
  135. {
  136. BOOL fdaclpresent;
  137. BOOL cod;
  138. ACL *pdacl;
  139. ULONG ret;
  141. // get the ACL from the security descriptor
  143. if ( GetSecurityDescriptorDacl(_psd,
  144. &fdaclpresent,
  145. &pdacl,
  146. &cod) )
  148. {
  149. if (fdaclpresent)
  150. {
  151. // build the new ACL (from the new ACEs and the old ACL)
  153. PACL pnewdacl = NULL;
  155. if (ERROR_SUCCESS == (ret = pcdw->BuildAcl(&pnewdacl,
  156. fmodify ? pdacl : NULL,
  157. pdacl ? pdacl->AclRevision : ACL_REVISION,
  158. fdir)
  159. ))
  160. {
  161. // make a new security descriptor
  163. SECURITY_DESCRIPTOR newsd;
  164. //NTRAID#NTBUG9-547532-2002/03/28-hiteshr
  165. if(!InitializeSecurityDescriptor( &newsd, SECURITY_DESCRIPTOR_REVISION ))
  166. {
  167. LocalFree(pnewdacl);
  168. return GetLastError();
  169. }
  171. if(!SetSecurityDescriptorDacl( &newsd, TRUE, pnewdacl, FALSE ))
  172. {
  173. LocalFree(pnewdacl);
  174. return GetLastError();
  175. }
  177. //
  178. // apply it to the file
  179. //
  181. if (!SetFileSecurity(_pwfilename,
  182. DACL_SECURITY_INFORMATION,
  183. &newsd))
  184. {
  185. ret = GetLastError();
  186. }
  187. LocalFree(pnewdacl);
  188. }
  189. }
  190. else
  191. return(ERROR_NO_SECURITY_ON_OBJECT);
  192. } else
  193. {
  194. ret = GetLastError();
  195. }
  197. return(ret);
  198. }