Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

178 lines
3.4 KiB

/*++
Copyright (c) 2001 Microsoft Corporation
Module Name:
spoolsec.h
Abstract:
Header file for print security
Author:
Not known
Revision History:
06-Apr-2001 AMaxa CheckPrivilegePresent
--*/
#ifndef _SPOOLSEC_H_
#define _SPOOLSEC_H_
#ifdef __cplusplus
extern "C" {
#endif
// Object types
//
#define SPOOLER_OBJECT_SERVER 0
#define SPOOLER_OBJECT_PRINTER 1
#define SPOOLER_OBJECT_DOCUMENT 2
#define SPOOLER_OBJECT_COUNT 3
#define SPOOLER_OBJECT_XCV 4
/* These access bits must be different from those exposed in winspool.h,
* so that no auditing takes place when we do an access check against them:
*/
#define SERVER_ACCESS_ADMINISTER_PRIVATE 0x00000004
#define PRINTER_ACCESS_ADMINISTER_PRIVATE 0x00000008
#define JOB_ACCESS_ADMINISTER_PRIVATE 0x00000080
enum
{
kGuessTokenPrivileges = 1024
};
PSECURITY_DESCRIPTOR
CreateServerSecurityDescriptor(
VOID
);
PSECURITY_DESCRIPTOR
CreatePrinterSecurityDescriptor(
PSECURITY_DESCRIPTOR pCreatorSecurityDescriptor
);
PSECURITY_DESCRIPTOR
CreateDocumentSecurityDescriptor(
PSECURITY_DESCRIPTOR pPrinterSecurityDescriptor
);
BOOL
SetPrinterSecurityDescriptor(
SECURITY_INFORMATION SecurityInformation,
PSECURITY_DESCRIPTOR pModificationDescriptor,
PSECURITY_DESCRIPTOR *ppObjectsSecurityDescriptor
);
BOOL
DeletePrinterSecurity(
PINIPRINTER pIniPrinter
);
BOOL
DeleteDocumentSecurity(
PINIJOB pIniJob
);
PSECURITY_DESCRIPTOR
CreateEverybodySecurityDescriptor(
VOID
);
BOOL
ValidateObjectAccess(
IN DWORD ObjectType,
IN ACCESS_MASK DesiredAccess,
IN LPVOID ObjectHandle,
OUT PACCESS_MASK pGrantedAccess,
IN PINISPOOLER pIniSpooler
);
BOOL
ValidateObjectAccessWithToken(
IN HANDLE hClientToken,
IN DWORD ObjectType,
IN ACCESS_MASK DesiredAccess,
IN LPVOID ObjectHandle,
OUT PACCESS_MASK pGrantedAccess,
IN PINISPOOLER pIniSpooler
);
BOOL
AccessGranted(
DWORD ObjectType,
ACCESS_MASK DesiredAccess,
PSPOOL pSpool
);
VOID MapGenericToSpecificAccess(
DWORD ObjectType,
DWORD GenericAccess,
PDWORD pSpecificAccess
);
BOOL
GetTokenHandle(
PHANDLE TokenHandle
);
BOOL
GetSecurityInformation(
PSECURITY_DESCRIPTOR pSecurityDescriptor,
PSECURITY_INFORMATION pSecurityInformation
);
ACCESS_MASK
GetPrivilegeRequired(
SECURITY_INFORMATION SecurityInformation
);
BOOL
BuildPartialSecurityDescriptor(
ACCESS_MASK AccessGranted,
PSECURITY_DESCRIPTOR pSourceSecurityDescriptor,
PSECURITY_DESCRIPTOR *ppPartialSecurityDescriptor,
PDWORD pPartialSecurityDescriptorLength
);
PSECURITY_DESCRIPTOR
CreateDriversShareSecurityDescriptor(
VOID
);
BOOL
InitializeSecurityStructures(
VOID
);
DWORD
PrincipalIsRemoteGuest(
IN HANDLE hToken,
OUT BOOL *pbRemoteGuest
);
DWORD
CheckPrivilegePresent(
IN HANDLE hToken,
IN PLUID pLuid,
IN OUT LPBOOL pbPresent,
IN OUT LPDWORD pAttributes OPTIONAL
);
BOOL
GrantJobReadPermissionToLocalSystem(
IN OUT PSECURITY_DESCRIPTOR *ppSecurityDescriptor
);
#ifdef __cplusplus
}
#endif
#endif