archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/base/pnp/setupapi/sputils/security.c

565 lines
14 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) Microsoft Corporation. All rights reserved.
  5. Module Name:
  7. security.c
  9. Abstract:
  11. Routines to deal with security-related stuff.
  13. Externally exposed routines:
  15. pSetupIsUserAdmin
  16. pSetupDoesUserHavePrivilege
  17. pSetupEnablePrivilege
  19. Author:
  21. Ted Miller (tedm) 14-Jun-1995
  23. Revision History:
  25. Jamie Hunter (jamiehun) Jun-27-2000
  26. Moved functions to sputils
  28. Jamie Hunter (JamieHun) Mar-18-2002
  29. Security code review
  31. --*/
  33. #include "precomp.h"
  34. #include <lmaccess.h>
  35. #pragma hdrstop
  38. #ifndef SPUTILSW
  40. BOOL
  41. pSetupIsUserAdmin(
  42. VOID
  43. )
  45. /*++
  47. Routine Description:
  49. This routine returns TRUE if the caller's process is a member of the
  50. administrator group
  52. Caller MAY be impersonating someone.
  54. Arguments:
  56. None.
  58. Return Value:
  60. TRUE - Caller is effectively an Administrator
  62. FALSE - Caller is not an Administrator
  64. --*/
  66. {
  67. BOOL b;
  68. SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
  69. PSID AdministratorsGroup;
  71. b = AllocateAndInitializeSid(&NtAuthority,
  72. 2,
  73. SECURITY_BUILTIN_DOMAIN_RID,
  74. DOMAIN_ALIAS_RID_ADMINS,
  75. 0,
  76. 0,
  77. 0,
  78. 0,
  79. 0,
  80. 0,
  81. &AdministratorsGroup
  82. );
  84. if (b) {
  86. if (!CheckTokenMembership(NULL,
  87. AdministratorsGroup,
  88. &b
  89. )) {
  90. b = FALSE;
  91. }
  93. FreeSid(AdministratorsGroup);
  94. }
  96. return(b);
  97. }
  99. #endif // !SPUTILSW
  101. BOOL
  102. pSetupDoesUserHavePrivilege(
  103. PCTSTR PrivilegeName
  104. )
  106. /*++
  108. Routine Description:
  110. This routine returns TRUE if the thread (which may be impersonating) has
  111. the specified privilege. The privilege does not have
  112. to be currently enabled. This routine is used to indicate
  113. whether the caller has the potential to enable the privilege.
  115. Caller MAY be impersonating someone and IS
  116. expected to be able to open their own thread and thread
  117. token.
  119. Arguments:
  121. Privilege - the name form of privilege ID (such as
  122. SE_SECURITY_NAME).
  124. Return Value:
  126. TRUE - Caller has the specified privilege.
  128. FALSE - Caller does not have the specified privilege.
  130. --*/
  132. {
  133. HANDLE Token;
  134. ULONG BytesRequired;
  135. PTOKEN_PRIVILEGES Privileges;
  136. BOOL b;
  137. DWORD i;
  138. LUID Luid;
  140. //
  141. // Open the thread token.
  142. //
  143. if(!OpenThreadToken(GetCurrentThread(),TOKEN_QUERY,FALSE,&Token)) {
  144. if(GetLastError() != ERROR_NO_TOKEN) {
  145. return FALSE;
  146. }
  147. if(!OpenProcessToken(GetCurrentProcess(),TOKEN_QUERY,&Token)) {
  148. return FALSE;
  149. }
  150. }
  152. b = FALSE;
  153. Privileges = NULL;
  155. //
  156. // Get privilege information.
  157. //
  158. if(!GetTokenInformation(Token,TokenPrivileges,NULL,0,&BytesRequired)
  159. && (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
  160. && (Privileges = pSetupCheckedMalloc(BytesRequired))
  161. && GetTokenInformation(Token,TokenPrivileges,Privileges,BytesRequired,&BytesRequired)
  162. && LookupPrivilegeValue(NULL,PrivilegeName,&Luid)) {
  164. //
  165. // See if we have the requested privilege
  166. //
  167. for(i=0; i<Privileges->PrivilegeCount; i++) {
  169. if((Luid.LowPart == Privileges->Privileges[i].Luid.LowPart)
  170. && (Luid.HighPart == Privileges->Privileges[i].Luid.HighPart)) {
  172. b = TRUE;
  173. break;
  174. }
  175. }
  176. }
  178. //
  179. // Clean up and return.
  180. //
  182. if(Privileges) {
  183. pSetupFree(Privileges);
  184. }
  186. CloseHandle(Token);
  188. return(b);
  189. }
  192. BOOL
  193. pSetupEnablePrivilege(
  194. IN PCTSTR PrivilegeName,
  195. IN BOOL Enable
  196. )
  198. /*++
  200. Routine Description:
  202. Enable or disable a given named privilege for current ****PROCESS****
  203. Any code that requires to change privilege per thread should not use this
  204. routine.
  205. It remains here for compatability only and will be depreciated as soon
  206. as dependents change (it's used by a few setup routines where it's fine
  207. to enable process priv's)
  209. Arguments:
  211. PrivilegeName - supplies the name of a system privilege.
  213. Enable - flag indicating whether to enable or disable the privilege.
  215. Return Value:
  217. Boolean value indicating whether the operation was successful.
  219. --*/
  221. {
  222. HANDLE Token;
  223. BOOL b;
  224. TOKEN_PRIVILEGES NewPrivileges;
  225. LUID Luid;
  227. if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&Token)) {
  228. return(FALSE);
  229. }
  231. if(!LookupPrivilegeValue(NULL,PrivilegeName,&Luid)) {
  232. CloseHandle(Token);
  233. return(FALSE);
  234. }
  236. NewPrivileges.PrivilegeCount = 1;
  237. NewPrivileges.Privileges[0].Luid = Luid;
  238. NewPrivileges.Privileges[0].Attributes = Enable ? SE_PRIVILEGE_ENABLED : 0;
  240. b = AdjustTokenPrivileges(
  241. Token,
  242. FALSE,
  243. &NewPrivileges,
  244. 0,
  245. NULL,
  246. NULL
  247. );
  249. CloseHandle(Token);
  251. return(b);
  252. }
  255. static
  256. PSID
  257. _GetUserSid(
  258. IN HANDLE hUserToken
  259. )
  261. /*++
  263. Routine Description:
  265. Retrieves the corresponding user SID for the specified user access token.
  267. Arguments:
  269. hUserToken - Specifies a handle to a user access token.
  271. Return Value:
  273. If successful, returns a pointer to an allocated buffer containing the SID
  274. for the specified user access token. Otherwise, returns NULL.
  275. GetLastError can be called to retrieve information pertaining to the error
  276. encountered.
  278. Notes:
  280. If successful, it is responsibility of the caller to free the the returned
  281. buffer with pSetupFree.
  283. --*/
  285. {
  286. DWORD cbBuffer, cbRequired;
  287. PTOKEN_USER pUserInfo = NULL;
  288. PSID pUserSid = NULL;
  289. DWORD Err;
  291. try {
  292. //
  293. // Determine the size of buffer we need to store the TOKEN_USER information
  294. // for the supplied user access token. The TOKEN_USER structure contains
  295. // the SID_AND_ATTRIBUTES information for the User.
  296. //
  297. cbBuffer = 0;
  299. Err = GLE_FN_CALL(FALSE,
  300. GetTokenInformation(hUserToken,
  301. TokenUser,
  302. NULL,
  303. cbBuffer,
  304. &cbRequired)
  305. );
  307. //
  308. // We'd better not succeed, since we supplied no buffer!
  309. //
  310. ASSERT(Err != NO_ERROR);
  312. if(Err == NO_ERROR) {
  313. Err = ERROR_INVALID_DATA;
  314. }
  316. if(Err != ERROR_INSUFFICIENT_BUFFER) {
  317. leave;
  318. }
  320. ASSERT(cbRequired > 0);
  322. //
  323. // Allocate a buffer for the TOKEN_USER data.
  324. //
  325. cbBuffer = cbRequired;
  327. pUserInfo = (PTOKEN_USER)pSetupCheckedMalloc(cbBuffer);
  329. if(!pUserInfo) {
  330. Err = ERROR_NOT_ENOUGH_MEMORY;
  331. leave;
  332. }
  334. //
  335. // Retrieve the TOKEN_USER data.
  336. //
  337. Err = GLE_FN_CALL(FALSE,
  338. GetTokenInformation(hUserToken,
  339. TokenUser,
  340. pUserInfo,
  341. cbBuffer,
  342. &cbRequired)
  343. );
  345. if(Err != NO_ERROR) {
  346. leave;
  347. }
  349. MYASSERT(pUserInfo->User.Sid != NULL);
  351. //
  352. // Check that the returned SID is valid.
  353. // Note - calling GetLastError is not valid for IsValidSid!
  354. //
  355. MYASSERT(IsValidSid(pUserInfo->User.Sid));
  357. if(!IsValidSid(pUserInfo->User.Sid)) {
  358. Err = ERROR_INVALID_DATA;
  359. leave;
  360. }
  362. //
  363. // Make a copy of the User SID_AND_ATTRIBUTES.
  364. //
  365. cbBuffer = GetLengthSid(pUserInfo->User.Sid);
  367. MYASSERT(cbBuffer > 0);
  369. pUserSid = (PSID)pSetupCheckedMalloc(cbBuffer);
  371. if(!pUserSid) {
  372. Err = ERROR_NOT_ENOUGH_MEMORY;
  373. leave;
  374. }
  376. Err = GLE_FN_CALL(FALSE, CopySid(cbBuffer, pUserSid, pUserInfo->User.Sid));
  378. if(Err != NO_ERROR) {
  379. leave;
  380. }
  382. //
  383. // Check that the returned SID is valid.
  384. // Note - calling GetLastError is not valid for IsValidSid!
  385. //
  386. MYASSERT(IsValidSid(pUserSid));
  388. if(!IsValidSid(pUserSid)) {
  389. Err = ERROR_INVALID_DATA;
  390. leave;
  391. }
  393. } except(_pSpUtilsExceptionFilter(GetExceptionCode())) {
  394. _pSpUtilsExceptionHandler(GetExceptionCode(), ERROR_INVALID_PARAMETER, &Err);
  395. }
  397. if(pUserInfo) {
  398. pSetupFree(pUserInfo);
  399. }
  401. if(Err == NO_ERROR) {
  402. MYASSERT(pUserSid);
  403. } else if(pUserSid) {
  404. pSetupFree(pUserSid);
  405. pUserSid = NULL;
  406. }
  408. SetLastError(Err);
  409. return pUserSid;
  411. } // _GetUserSid
  414. BOOL
  415. pSetupIsLocalSystem(
  416. VOID
  417. )
  419. /*++
  421. Routine Description:
  423. This function detects whether the process is running in LocalSystem
  424. security context.
  426. Arguments:
  428. none.
  430. Return Value:
  432. If this process is running in LocalSystem, the return value is non-zero
  433. (i.e., TRUE). Otherwise, the return value is FALSE. If FALSE is returned,
  434. GetLastError returns more information about the reason. If the function
  435. encountered no problem when retrieving/comparing the SIDs, GetLastError()
  436. will return ERROR_FUNCTION_FAILED. Otherwise, it will return another
  437. Win32 error code indicating the cause of failure.
  439. --*/
  441. {
  442. DWORD Err;
  443. HANDLE hToken = NULL;
  444. SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
  445. PSID pUserSid = NULL, pLocalSystemSid = NULL;
  447. try {
  448. //
  449. // Attempt to open the thread token, to see if we are impersonating.
  450. //
  451. Err = GLE_FN_CALL(FALSE,
  452. OpenThreadToken(GetCurrentThread(),
  453. MAXIMUM_ALLOWED,
  454. TRUE,
  455. &hToken)
  456. );
  458. if(Err == ERROR_NO_TOKEN) {
  459. //
  460. // Not impersonating, attempt to open the process token.
  461. //
  462. Err = GLE_FN_CALL(FALSE,
  463. OpenProcessToken(GetCurrentProcess(),
  464. MAXIMUM_ALLOWED,
  465. &hToken)
  466. );
  467. }
  469. if(Err != NO_ERROR) {
  470. //
  471. // Ensure hToken is still NULL so we won't try and free it later.
  472. //
  473. hToken = NULL;
  474. leave;
  475. }
  477. MYASSERT(hToken);
  479. //
  480. // Retrieve the user SID.
  481. //
  482. Err = GLE_FN_CALL(NULL, pUserSid = _GetUserSid(hToken));
  484. if(Err != NO_ERROR) {
  485. leave;
  486. }
  488. //
  489. // Create the LocalSystem SID
  490. //
  491. Err = GLE_FN_CALL(FALSE,
  492. AllocateAndInitializeSid(&NtAuthority,
  493. 1,
  494. SECURITY_LOCAL_SYSTEM_RID,
  495. 0,
  496. 0,
  497. 0,
  498. 0,
  499. 0,
  500. 0,
  501. 0,
  502. &pLocalSystemSid)
  503. );
  505. if(Err != NO_ERROR) {
  506. leave;
  507. }
  509. MYASSERT(pLocalSystemSid);
  511. //
  512. // Check that the returned SID is valid. We must check this ourselves
  513. // because if either SID supplied to IsEquialSid is not valid, the
  514. // return value is undefined.
  515. //
  516. MYASSERT(IsValidSid(pLocalSystemSid));
  518. //
  519. // Note - calling GetLastError is not valid for IsValidSid!
  520. //
  521. if(!IsValidSid(pLocalSystemSid)) {
  522. Err = ERROR_INVALID_DATA;
  523. leave;
  524. }
  526. //
  527. // Check if the two SIDs are equal.
  528. //
  529. if(!EqualSid(pUserSid, pLocalSystemSid)) {
  530. //
  531. // EqualSid doesn't set last error when SIDs are valid but
  532. // different, so we need to set an unsuccessful error here
  533. // ourselves.
  534. //
  535. Err = ERROR_FUNCTION_FAILED;
  536. leave;
  537. }
  539. //
  540. // Our SID equals LocalSystem SID, so we know we're running in
  541. // LocalSystem! (Err is already set to NO_ERROR, which is our signal
  542. // to return TRUE from this routine)
  543. //
  545. } except(_pSpUtilsExceptionFilter(GetExceptionCode())) {
  546. _pSpUtilsExceptionHandler(GetExceptionCode(), ERROR_INVALID_PARAMETER, &Err);
  547. }
  549. if(pLocalSystemSid) {
  550. FreeSid(pLocalSystemSid);
  551. }
  553. if(pUserSid) {
  554. pSetupFree(pUserSid);
  555. }
  557. if(hToken) {
  558. CloseHandle(hToken);
  559. }
  561. SetLastError(Err);
  562. return(Err == NO_ERROR);
  564. } // pSetupIsLocalSystem