You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
89 lines
1.5 KiB
89 lines
1.5 KiB
|
|
/*
|
|
* List of accounts we allow file access for
|
|
*/
|
|
#define MAX_ACCOUNT_NAME 32
|
|
#define CURRENT_USER L"%user%"
|
|
|
|
// These are the accounts we want to have access to the directory
|
|
#define ADMIN_ACCOUNT 0
|
|
#define SYSTEM_ACCOUNT 1
|
|
#define USER_ACCOUNT 2
|
|
|
|
typedef struct _ADMIN_ACCOUNTS {
|
|
WCHAR Name[MAX_ACCOUNT_NAME];
|
|
PSID pSid;
|
|
} ADMIN_ACCOUNTS, *PADMIN_ACCOUNTS;
|
|
|
|
/*
|
|
* Operation result codes to allow a separate reporting module
|
|
*/
|
|
typedef enum _FILE_RESULT {
|
|
FileOk, // File can not be written by users
|
|
FileAccessError, // Error occured, disposition unknown
|
|
FileAccessErrorUserFormat // Error, user formatted message
|
|
} FILE_RESULT;
|
|
|
|
BOOL
|
|
InitSecurity(
|
|
);
|
|
|
|
BOOL
|
|
IsAllowSid(
|
|
PSID pSid
|
|
);
|
|
|
|
BOOL
|
|
xxxLookupAccountName(
|
|
PWCHAR pSystemName,
|
|
PWCHAR pAccountName,
|
|
PSID *ppSid
|
|
);
|
|
|
|
BOOLEAN
|
|
SetFileTree(
|
|
PWCHAR pRoot,
|
|
PWCHAR pAvoidDir
|
|
);
|
|
|
|
BOOL
|
|
ReportFileResult(
|
|
FILE_RESULT Code,
|
|
ACCESS_MASK Access,
|
|
PWCHAR pFile,
|
|
PWCHAR pAccountName,
|
|
PWCHAR pDomainName,
|
|
PCHAR UserFormat,
|
|
...
|
|
);
|
|
|
|
PACL
|
|
GetSecureAcl();
|
|
|
|
PSID
|
|
GetLocalAdminSid();
|
|
|
|
PSID
|
|
GetAdminSid();
|
|
|
|
PSID
|
|
GetLocalAdminGroupSid();
|
|
|
|
BOOL
|
|
CheckUserSid();
|
|
|
|
#if DBG
|
|
void
|
|
DumpSecurityDescriptor(
|
|
PSECURITY_DESCRIPTOR pSD
|
|
);
|
|
|
|
void
|
|
DumpAcl(
|
|
PACL pAcl,
|
|
PCHAR pBase,
|
|
PULONG pSize
|
|
);
|
|
#endif
|
|
|
|
|