Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

161 lines
4.6 KiB

  1. /*++
  2. Copyright (c) 1993 Microsoft Corporation
  3. Module Name:
  4. regacl.c
  5. Abstract:
  6. This module contains the code for adding access permission ACL in a registry
  7. key.
  8. Author:
  9. Terrence Kwan (terryk) 25-Sept-1993
  10. Revision History:
  11. --*/
  12. #include <procs.h>
  13. DWORD
  14. NwLibSetEverybodyPermission(
  15. IN HKEY hKey,
  16. IN DWORD dwPermission
  17. )
  18. /*++
  19. Routine Description:
  20. Set the registry key to everybody "Set Value" (or whatever
  21. the caller want.)
  22. Arguments:
  23. hKey - The handle of the registry key to set security on
  24. dwPermission - The permission to add to "everybody"
  25. Return Value:
  26. The win32 error.
  27. --*/
  28. {
  29. LONG err; // error code
  30. PSECURITY_DESCRIPTOR psd = NULL; // related SD
  31. PACL pDacl = NULL; // Absolute DACL
  32. PACL pSacl = NULL; // Absolute SACL
  33. PSID pOSid = NULL; // Absolute Owner SID
  34. PSID pPSid = NULL; // Absolute Primary SID
  35. do { // Not a loop, just for breaking out of error
  36. //
  37. // Initialize all the variables...
  38. //
  39. // world sid authority
  40. SID_IDENTIFIER_AUTHORITY SidAuth= SECURITY_WORLD_SID_AUTHORITY;
  41. DWORD cbSize=0; // Security key size
  42. PACL pAcl; // original ACL
  43. BOOL fDaclPresent;
  44. BOOL fDaclDefault;
  45. PSID pSid; // original SID
  46. SECURITY_DESCRIPTOR absSD; // Absolute SD
  47. DWORD AbsSize = sizeof(SECURITY_DESCRIPTOR); // Absolute SD size
  48. DWORD DaclSize; // Absolute DACL size
  49. DWORD SaclSize; // Absolute SACL size
  50. DWORD OSidSize; // Absolute OSID size
  51. DWORD PSidSize; // Absolute PSID size
  52. // Get the original DACL list
  53. RegGetKeySecurity( hKey, DACL_SECURITY_INFORMATION, NULL, &cbSize);
  54. psd = (PSECURITY_DESCRIPTOR *)LocalAlloc(LMEM_ZEROINIT, cbSize+sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID));
  55. pDacl = (PACL)LocalAlloc(LMEM_ZEROINIT, cbSize+sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID));
  56. pSacl = (PACL)LocalAlloc(LMEM_ZEROINIT, cbSize);
  57. pOSid = (PSID)LocalAlloc(LMEM_ZEROINIT, cbSize);
  58. pPSid = (PSID)LocalAlloc(LMEM_ZEROINIT, cbSize);
  59. DaclSize = cbSize+sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID);
  60. SaclSize = cbSize;
  61. OSidSize = cbSize;
  62. PSidSize = cbSize;
  63. if (( NULL == psd) ||
  64. ( NULL == pDacl) ||
  65. ( NULL == pSacl) ||
  66. ( NULL == pOSid) ||
  67. ( NULL == pPSid))
  68. {
  69. err = ERROR_INSUFFICIENT_BUFFER;
  70. break;
  71. }
  72. if ( (err = RegGetKeySecurity( hKey, DACL_SECURITY_INFORMATION, psd, &cbSize )) != ERROR_SUCCESS )
  73. {
  74. break;
  75. }
  76. if ( !GetSecurityDescriptorDacl( psd, &fDaclPresent, &pAcl, &fDaclDefault ))
  77. {
  78. err = GetLastError();
  79. break;
  80. }
  81. // Increase the size for an extra ACE
  82. pAcl->AclSize += sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID);
  83. // Get World SID
  84. if ( (err = RtlAllocateAndInitializeSid( &SidAuth, 1,
  85. SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &pSid)) != ERROR_SUCCESS)
  86. {
  87. break;
  88. }
  89. // Add Permission ACE
  90. if ( !AddAccessAllowedAce(pAcl, ACL_REVISION, dwPermission ,pSid))
  91. {
  92. err = GetLastError();
  93. break;
  94. }
  95. // Convert from relate format to absolute format
  96. if ( !MakeAbsoluteSD( psd, &absSD, &AbsSize, pDacl, &DaclSize, pSacl, &SaclSize,
  97. pOSid, &OSidSize, pPSid, &PSidSize ))
  98. {
  99. err = GetLastError();
  100. break;
  101. }
  102. // Set SD
  103. if ( !SetSecurityDescriptorDacl( &absSD, TRUE, pAcl, FALSE ))
  104. {
  105. err = GetLastError();
  106. break;
  107. }
  108. if ( (err = RegSetKeySecurity( hKey, DACL_SECURITY_INFORMATION, psd ))
  109. != ERROR_SUCCESS )
  110. {
  111. break;
  112. }
  113. } while (FALSE);
  114. // Clean up the memory
  115. LocalFree( psd );
  116. LocalFree( pDacl );
  117. LocalFree( pSacl );
  118. LocalFree( pOSid );
  119. LocalFree( pPSid );
  120. return err;
  121. }