archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/shell/osshell/progman/security.c

472 lines
12 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /****************************** Module Header ******************************\
  2. * Module Name: security.c
  3. *
  4. * Copyright (c) 1992, Microsoft Corporation
  5. *
  6. * Handles security aspects of progman operation.
  7. *
  8. * History:
  9. * 01-16-92 JohanneC Created - mostly taken from old winlogon.c
  10. \***************************************************************************/
  12. #include "sec.h"
  13. #include <string.h>
  14. #include <fcntl.h>
  15. #include <io.h>
  16. #include <stdio.h>
  17. #include <lm.h>
  20. /***************************************************************************\
  21. * SetMyAce
  22. *
  23. * Helper routine that fills in a MYACE structure.
  24. *
  25. * History:
  26. * 02-06-92 Davidc Created
  27. \***************************************************************************/
  28. VOID
  29. SetMyAce(
  30. PMYACE MyAce,
  31. PSID Sid,
  32. ACCESS_MASK Mask,
  33. UCHAR InheritFlags
  34. )
  35. {
  36. MyAce->Sid = Sid;
  37. MyAce->AccessMask= Mask;
  38. MyAce->InheritFlags = InheritFlags;
  39. }
  42. /***************************************************************************\
  43. * SetWorldSecurity
  44. *
  45. * Sets the security given the logon sid passed.
  46. *
  47. * If the UserSid = NULL, no access is given to anyone other than world
  48. * Users will have read access and if bWriteAccess is TRUE, they will also
  49. * have write access.
  50. *
  51. * Returns TRUE on success, FALSE on failure
  52. *
  53. * History:
  54. * 04-16-91 Johannec Created
  55. \***************************************************************************/
  56. BOOL
  57. SetWorldSecurity(
  58. PSID UserSid,
  59. PSECURITY_DESCRIPTOR *pSecDesc,
  60. BOOL bWriteAccess
  61. )
  62. {
  63. MYACE Ace[4];
  64. ACEINDEX AceCount = 0;
  65. PSECURITY_DESCRIPTOR SecurityDescriptor;
  66. PSID WorldSid = NULL;
  67. PSID AdminAliasSid = NULL;
  68. PSID PowerUserAliasSid = NULL;
  69. PSID SystemOpsAliasSid = NULL;
  70. SID_IDENTIFIER_AUTHORITY WorldSidAuthority = SECURITY_WORLD_SID_AUTHORITY;
  71. SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
  72. NTSTATUS Status;
  73. ACCESS_MASK AccessMask;
  75. // Create the world Sid
  76. Status = RtlAllocateAndInitializeSid(
  77. &WorldSidAuthority,
  78. 1, // Sub authority count
  79. SECURITY_WORLD_RID, // Sub authorities
  80. 0, 0, 0, 0, 0, 0, 0,
  81. &WorldSid);
  83. if (!NT_SUCCESS(Status)) {
  84. DbgOnlyPrint("progman failed to allocate memory for world sid\n");
  85. return(FALSE);
  86. }
  88. Status = RtlAllocateAndInitializeSid(
  89. &NtAuthority,
  90. 2, // Sub authority count
  91. SECURITY_BUILTIN_DOMAIN_RID, // Sub authority[0]
  92. DOMAIN_ALIAS_RID_ADMINS, // Sub authority[1]
  93. 0, 0, 0, 0, 0, 0,
  94. &AdminAliasSid);
  96. Status = RtlAllocateAndInitializeSid(
  97. &NtAuthority,
  98. 2, // Sub authority count
  99. SECURITY_BUILTIN_DOMAIN_RID, // Sub authority[0]
  100. DOMAIN_ALIAS_RID_POWER_USERS, // Sub authority[1]
  101. 0, 0, 0, 0, 0, 0,
  102. &PowerUserAliasSid);
  104. Status = RtlAllocateAndInitializeSid(
  105. &NtAuthority,
  106. 2, // Sub authority count
  107. SECURITY_BUILTIN_DOMAIN_RID, // Sub authority[0]
  108. DOMAIN_ALIAS_RID_SYSTEM_OPS, // Sub authority[1]
  109. 0, 0, 0, 0, 0, 0,
  110. &SystemOpsAliasSid);
  113. if (!NT_SUCCESS(Status)) {
  114. DbgOnlyPrint("progman failed to allocate memory for admin sid\n");
  115. return(FALSE);
  116. }
  120. //
  121. // Define the World ACEs
  122. //
  124. if (bWriteAccess) {
  125. AccessMask = KEY_READ | KEY_WRITE | DELETE;
  126. }
  127. else {
  128. AccessMask = KEY_READ;
  129. }
  131. SetMyAce(&(Ace[AceCount++]),
  132. WorldSid,
  133. AccessMask,
  134. NO_PROPAGATE_INHERIT_ACE
  135. );
  137. //
  138. // Define the Admins ACEs
  139. //
  141. SetMyAce(&(Ace[AceCount++]),
  142. AdminAliasSid,
  143. GENERIC_ALL,
  144. NO_PROPAGATE_INHERIT_ACE
  145. );
  147. //
  148. // Define the Power Users ACEs
  149. //
  151. SetMyAce(&(Ace[AceCount++]),
  152. PowerUserAliasSid,
  153. GENERIC_ALL,
  154. NO_PROPAGATE_INHERIT_ACE
  155. );
  157. //
  158. // Define the System Operators ACEs
  159. //
  161. SetMyAce(&(Ace[AceCount++]),
  162. SystemOpsAliasSid,
  163. GENERIC_ALL,
  164. NO_PROPAGATE_INHERIT_ACE
  165. );
  167. // Check we didn't goof
  168. ASSERT((sizeof(Ace) / sizeof(MYACE)) >= AceCount);
  170. //
  171. // Create the security descriptor
  172. //
  174. SecurityDescriptor = CreateSecurityDescriptor(Ace, AceCount);
  175. if (SecurityDescriptor == NULL) {
  176. DbgOnlyPrint("Progman failed to create security descriptor\n\r");
  177. return(FALSE);
  178. }
  180. #if 0
  181. // Keep security descriptor global
  182. // delete only when exiting the program
  184. //
  185. // Free up the security descriptor
  186. //
  188. DeleteSecurityDescriptor(SecurityDescriptor);
  189. #endif
  191. //
  192. // Return success status
  193. //
  195. *pSecDesc = SecurityDescriptor;
  196. return(TRUE);
  197. }
  199. /***************************************************************************\
  200. * InitializeSecurityAttributes
  201. *
  202. *
  203. * Returns TRUE on success, FALSE on failure
  204. *
  205. * History:
  206. * 04-14-92 JohanneC Created
  207. \***************************************************************************/
  208. BOOL InitializeSecurityAttributes(PSECURITY_ATTRIBUTES pSecurityAttributes,
  209. BOOL bWriteAccess)
  210. {
  211. PSECURITY_DESCRIPTOR pSecDesc;
  213. if (!SetWorldSecurity(NULL, &pSecDesc, bWriteAccess)) {
  214. return(FALSE);
  215. }
  217. pSecurityAttributes->nLength = sizeof(SECURITY_ATTRIBUTES);
  218. pSecurityAttributes->lpSecurityDescriptor = pSecDesc;
  219. pSecurityAttributes->bInheritHandle = TRUE;
  221. return(TRUE);
  222. }
  224. BOOL
  225. TestTokenForAdmin(
  226. HANDLE Token
  227. );
  229. /***************************************************************************\
  230. * TestUserForAdmin
  231. *
  232. *
  233. * Returns TRUE if the current user is part of the ADMIN group,
  234. * FALSE otherwise
  235. *
  236. * History:
  237. * 07-15-92 JohanneC Created
  238. \***************************************************************************/
  239. BOOL TestUserForAdmin()
  240. {
  241. BOOL UserIsAdmin = FALSE;
  242. HANDLE Token;
  243. #if 0
  244. ACCESS_MASK GrantedAccess;
  245. GENERIC_MAPPING GenericMapping;
  246. PPRIVILEGE_SET pPrivilegeSet;
  247. DWORD dwPrivilegeSetLength;
  248. MYACE Ace[1];
  249. PSECURITY_DESCRIPTOR pSecDesc;
  250. NTSTATUS Status;
  251. #endif
  252. PSID AdminAliasSid = NULL;
  253. SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
  255. //
  256. // Get the token of the current process.
  257. //
  259. if (!OpenProcessToken(
  260. GetCurrentProcess(),
  261. TOKEN_QUERY,
  262. &Token
  263. ) ) {
  264. DbgOnlyPrint("Progman: Can't open own process token for token_query access\n\r");
  265. return(FALSE);
  266. }
  268. #if 0
  270. // not working because of error = STATUS_NO_IMPERSONATION_TOKEN
  271. so use the code from winlogon instead (see #else)
  273. Status = RtlAllocateAndInitializeSid(
  274. &NtAuthority,
  275. 2, // Sub authority count
  276. SECURITY_BUILTIN_DOMAIN_RID, // Sub authority[0]
  277. DOMAIN_ALIAS_RID_ADMINS, // Sub authority[1]
  278. 0, 0, 0, 0, 0, 0,
  279. &AdminAliasSid);
  281. if (!NT_SUCCESS(Status)) {
  282. DbgOnlyPrint(TEXT("progman failed to allocate memory for admin sid\n"));
  283. goto Exit;
  284. }
  286. //
  287. // Define the Admins ACEs
  288. //
  290. SetMyAce(&(Ace[0]),
  291. AdminAliasSid,
  292. GENERIC_ALL,
  293. NO_PROPAGATE_INHERIT_ACE
  294. );
  296. //
  297. // Create the security descriptor
  298. //
  300. pSecDesc = CreateSecurityDescriptor(Ace, 1);
  301. if (pSecDesc == NULL) {
  302. DbgOnlyPrint(TEXT("Progman failed to create security descriptor\n\r"));
  303. goto Exit;
  304. }
  306. //
  307. // Allocate memory for the PrivilegeSet buffer
  308. //
  310. dwPrivilegeSetLength = 256;
  311. pPrivilegeSet = Alloc(dwPrivilegeSetLength);
  312. if (!pPrivilegeSet) {
  313. DbgOnlyPrint(TEXT("Progman: Can't alloc memory for privilege set\n\r"));
  314. goto FreeSecDesc;
  315. }
  317. //
  318. // Test if user has admin privileges.
  319. //
  321. if(!AccessCheck(pSecDesc,
  322. Token,
  323. STANDARD_RIGHTS_ALL,
  324. &GenericMapping,
  325. pPrivilegeSet,
  326. &dwPrivilegeSetLength,
  327. &GrantedAccess,
  328. &UserIsAdmin) ){
  330. DbgOnlyPrint(TEXT("Progman: AccessCheck failed, error = %d\n\r"), GetLastError());
  331. }
  334. //
  335. // Free up the the PrivilegeSet
  336. //
  338. Free(pPrivilegeSet);
  340. FreeSecDesc:
  342. //
  343. // Free up the security descriptor
  344. //
  346. DeleteSecurityDescriptor(pSecDesc);
  348. #else
  350. UserIsAdmin = TestTokenForAdmin(Token);
  352. #endif
  354. //Exit:
  356. //
  357. // We are finished with the token.
  358. //
  360. CloseHandle(Token);
  362. return(UserIsAdmin);
  363. }
  364. /***************************************************************************\
  365. * TestTokenForAdmin
  366. *
  367. * Returns TRUE if the token passed represents an admin user, otherwise FALSE
  368. *
  369. * The token handle passed must have TOKEN_QUERY access.
  370. *
  371. * History:
  372. * 08-01-92 JohanneC Extracted code from winlogon
  373. * 05-06-92 Davidc Created
  374. \***************************************************************************/
  375. BOOL
  376. TestTokenForAdmin(
  377. HANDLE Token
  378. )
  379. {
  380. NTSTATUS Status;
  381. DWORD InfoLength;
  382. PTOKEN_GROUPS TokenGroupList;
  383. DWORD GroupIndex;
  384. PSID AdminSid;
  385. BOOL FoundAdmin;
  386. SID_IDENTIFIER_AUTHORITY SystemSidAuthority = SECURITY_NT_AUTHORITY;
  388. //
  389. // Get a list of groups in the token
  390. //
  392. Status = NtQueryInformationToken(
  393. Token, // Handle
  394. TokenGroups, // TokenInformationClass
  395. NULL, // TokenInformation
  396. 0, // TokenInformationLength
  397. &InfoLength // ReturnLength
  398. );
  400. if ((Status != STATUS_SUCCESS) && (Status != STATUS_BUFFER_TOO_SMALL)) {
  402. DbgOnlyPrint("Winlogon failed to get group info for admin token, status = 0x%lx\n", Status);
  403. return(FALSE);
  404. }
  407. TokenGroupList = Alloc(InfoLength);
  409. if (TokenGroupList == NULL) {
  410. DbgOnlyPrint("Winlogon unable to allocate memory for token groups\n");
  411. return(FALSE);
  412. }
  414. Status = NtQueryInformationToken(
  415. Token, // Handle
  416. TokenGroups, // TokenInformationClass
  417. TokenGroupList, // TokenInformation
  418. InfoLength, // TokenInformationLength
  419. &InfoLength // ReturnLength
  420. );
  422. if (!NT_SUCCESS(Status)) {
  423. DbgOnlyPrint("Winlogon failed to query groups for admin token, status = 0x%lx\n", Status);
  424. Free(TokenGroupList);
  425. return(FALSE);
  426. }
  430. //
  431. // Create the admin sid
  432. //
  434. Status = RtlAllocateAndInitializeSid(
  435. &SystemSidAuthority, 2,
  436. SECURITY_BUILTIN_DOMAIN_RID,
  437. DOMAIN_ALIAS_RID_ADMINS,
  438. 0, 0, 0, 0, 0, 0,
  439. &AdminSid);
  441. if (!NT_SUCCESS(Status)) {
  442. DbgOnlyPrint("Winlogon failed to initialize admin alias sid\n");
  443. Free(TokenGroupList);
  444. return(FALSE);
  445. }
  448. //
  449. // Search group list for admin alias
  450. //
  452. FoundAdmin = FALSE;
  454. for (GroupIndex=0; GroupIndex < TokenGroupList->GroupCount; GroupIndex++ ) {
  456. if (RtlEqualSid(TokenGroupList->Groups[GroupIndex].Sid, AdminSid)) {
  457. FoundAdmin = TRUE;
  458. break;
  459. }
  460. }
  462. //
  463. // Tidy up
  464. //
  466. RtlFreeSid(AdminSid);
  467. Free(TokenGroupList);
  471. return(FoundAdmin);
  472. }