archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
3.8 GiB
Tree: 1b390dddff
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1b390dddff'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/services/sched/job/security.cxx

466 lines
12 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+----------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1996.
  5. //
  6. // File: security.cxx
  7. //
  8. // Contents:
  9. //
  10. // Classes:
  11. //
  12. // Interfaces:
  13. //
  14. // History: 06-Jul-96 MarkBl Created.
  15. // 03-Mar-01 JBenton Prefix Bug 350196
  16. // invalid pointer could be dereferenced on cleanup
  17. //
  18. //-----------------------------------------------------------------------------
  20. #include "..\pch\headers.hxx"
  21. #pragma hdrstop
  22. #include "common.hxx"
  23. #include "debug.hxx"
  24. #include "security.hxx"
  25. #include "proto.hxx"
  27. typedef struct _MYSIDINFO {
  28. PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority;
  29. DWORD dwSubAuthority;
  30. PSID pSid;
  31. } MYSIDINFO;
  33. #define TASK_ALL (GENERIC_READ | GENERIC_WRITE | \
  34. GENERIC_EXECUTE | GENERIC_ALL)
  35. #define TASK_READ (GENERIC_READ)
  37. DWORD AllocateAndInitializeDomainSid(
  38. PSID pDomainSid,
  39. MYSIDINFO * pDomainSidInfo);
  40. HRESULT GetFileOwnerSid(
  41. LPCWSTR pwszFileName,
  42. PSID * ppSid);
  45. //+---------------------------------------------------------------------------
  46. //
  47. // Function: SetTaskFileSecurity
  48. //
  49. // Synopsis: Grant the following permissions to the task object:
  50. //
  51. // LocalSystem All Access.
  52. // Creator All Access.
  53. // Domain Admininstrators All Access.
  54. //
  55. // Arguments: [fIsATTask] -- TRUE if the task is an AT-submitted task;
  56. // FALSE otherwise.
  57. // [pwszTaskPath] -- Task object path.
  58. //
  59. // Notes: None.
  60. //
  61. //----------------------------------------------------------------------------
  62. HRESULT
  63. SetTaskFileSecurity(LPCWSTR pwszTaskPath, BOOL fIsATTask)
  64. {
  65. #define BASE_SID_COUNT 2
  66. #define DOMAIN_SID_COUNT 1
  67. #define TASK_ACE_COUNT 3
  69. FILESYSTEMTYPE FileSystemType;
  70. HRESULT hr;
  72. hr = GetFileSystemTypeFromPath(pwszTaskPath, &FileSystemType);
  74. if (FAILED(hr))
  75. {
  76. return(hr);
  77. }
  79. if (FileSystemType == FILESYSTEM_FAT)
  80. {
  81. //
  82. // No security on FAT. This isn't an error. Let the caller
  83. // think everything went fine.
  84. //
  86. return(S_OK);
  87. }
  89. //
  90. // Retrieve the SID of the file owner.
  91. //
  93. PSID pOwnerSid = NULL;
  95. hr = GetFileOwnerSid(pwszTaskPath, &pOwnerSid);
  97. if (FAILED(hr))
  98. {
  99. return(hr);
  100. }
  102. //
  103. // OK, the fun begins. Build a security descriptor and set file security.
  104. //
  106. PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
  107. DWORD Status;
  109. SID_IDENTIFIER_AUTHORITY NtAuth = SECURITY_NT_AUTHORITY;
  110. SID_IDENTIFIER_AUTHORITY CreatorSidAuth = SECURITY_CREATOR_SID_AUTHORITY;
  112. MYSIDINFO rgBaseSidInfo[BASE_SID_COUNT] = {
  113. { &NtAuth, // Local System.
  114. SECURITY_LOCAL_SYSTEM_RID,
  115. NULL },
  116. { &NtAuth, // Built in domain.
  117. SECURITY_BUILTIN_DOMAIN_RID,
  118. NULL }
  119. };
  121. MYSIDINFO rgDomainSidInfo[DOMAIN_SID_COUNT] = {
  122. { NULL, // Domain administrators.
  123. DOMAIN_ALIAS_RID_ADMINS,
  124. NULL }
  125. };
  127. SECURITY_INFORMATION si = DACL_SECURITY_INFORMATION;
  129. //
  130. // Make sure we didn't goof.
  131. //
  133. schAssert(BASE_SID_COUNT == (sizeof(rgBaseSidInfo) / sizeof(MYSIDINFO)));
  134. schAssert(DOMAIN_SID_COUNT == (sizeof(rgDomainSidInfo) /
  135. sizeof(MYSIDINFO)));
  137. //
  138. // Create the base SIDs.
  139. //
  141. DWORD i;
  143. for (i = 0; i < BASE_SID_COUNT; i++)
  144. {
  145. if (!AllocateAndInitializeSid(rgBaseSidInfo[i].pIdentifierAuthority,
  146. 1,
  147. rgBaseSidInfo[i].dwSubAuthority,
  148. 0, 0, 0, 0, 0, 0, 0,
  149. &rgBaseSidInfo[i].pSid))
  150. {
  151. hr = HRESULT_FROM_WIN32(GetLastError());
  152. CHECK_HRESULT(hr);
  153. break;
  154. }
  156. if (!IsValidSid(rgBaseSidInfo[i].pSid))
  157. {
  158. hr = HRESULT_FROM_WIN32(GetLastError());
  159. CHECK_HRESULT(hr);
  160. break;
  161. }
  162. }
  164. if (SUCCEEDED(hr))
  165. {
  166. //
  167. // Create the domain SIDs.
  168. //
  170. for (i = 0; i < DOMAIN_SID_COUNT; i++)
  171. {
  172. DWORD dwError = AllocateAndInitializeDomainSid(
  173. rgBaseSidInfo[1].pSid,
  174. &rgDomainSidInfo[i]);
  176. if (dwError != ERROR_SUCCESS)
  177. {
  178. hr = HRESULT_FROM_WIN32(dwError);
  179. CHECK_HRESULT(hr);
  180. break;
  181. }
  182. }
  183. }
  185. //
  186. // Create the security descriptor.
  187. //
  188. // Possibly adjust the array size to account for two special cases:
  189. // 1. If this job is an AT job, only local system and administrators
  190. // are to have access; don't grant users access. This case
  191. // also encompasses case (2).
  192. // 2. The owner sid and the domain administrator SID will be equal
  193. // if the user is an admin. If the user is an admin, ignore the
  194. // administrator setting.
  195. //
  197. DWORD ActualTaskAceCount;
  199. if (fIsATTask)
  200. {
  201. ActualTaskAceCount = TASK_ACE_COUNT - 1;
  202. }
  203. else if (EqualSid(pOwnerSid, rgDomainSidInfo[0].pSid))
  204. {
  205. ActualTaskAceCount = TASK_ACE_COUNT - 1;
  206. }
  207. else
  208. {
  209. ActualTaskAceCount = TASK_ACE_COUNT;
  210. }
  212. PACCESS_ALLOWED_ACE rgAce[TASK_ACE_COUNT] = {
  213. NULL, NULL, NULL // Supply this to CreateSD so we
  214. }; // so we don't have to allocate
  215. // memory.
  216. MYACE rgMyAce[TASK_ACE_COUNT] = {
  217. { TASK_ALL, // Acess mask.
  218. NO_PROPAGATE_INHERIT_ACE, // Inherit flags.
  219. rgBaseSidInfo[0].pSid }, // SID.
  220. { TASK_ALL,
  221. NO_PROPAGATE_INHERIT_ACE,
  222. rgDomainSidInfo[0].pSid },
  223. { TASK_ALL,
  224. NO_PROPAGATE_INHERIT_ACE,
  225. pOwnerSid }
  226. };
  228. schAssert(TASK_ACE_COUNT == (sizeof(rgAce)/sizeof(PACCESS_ALLOWED_ACE)) &&
  229. TASK_ACE_COUNT == (sizeof(rgMyAce) / sizeof(MYACE)));
  231. if (FAILED(hr))
  232. {
  233. goto CleanExit;
  234. }
  236. if ((pSecurityDescriptor = CreateSecurityDescriptor(ActualTaskAceCount,
  237. rgMyAce,
  238. rgAce,
  239. &Status)) == NULL)
  240. {
  241. hr = HRESULT_FROM_WIN32(Status);
  242. goto CleanExit;
  243. }
  245. //
  246. // Finally, set permissions.
  247. //
  249. if (!SetFileSecurity(pwszTaskPath, si, pSecurityDescriptor))
  250. {
  251. hr = HRESULT_FROM_WIN32(GetLastError());
  252. CHECK_HRESULT(hr);
  253. goto CleanExit;
  254. }
  256. CleanExit:
  257. delete pOwnerSid;
  258. for (i = 0; i < BASE_SID_COUNT; i++)
  259. {
  260. if (rgBaseSidInfo[i].pSid != NULL)
  261. {
  262. FreeSid(rgBaseSidInfo[i].pSid);
  263. }
  264. }
  265. for (i = 0; i < DOMAIN_SID_COUNT; i++)
  266. {
  267. if (rgDomainSidInfo[i].pSid != NULL)
  268. {
  269. delete rgDomainSidInfo[i].pSid;
  270. }
  271. }
  272. if (pSecurityDescriptor != NULL)
  273. {
  274. DeleteSecurityDescriptor(pSecurityDescriptor);
  275. }
  277. return(hr);
  278. }
  280. //+---------------------------------------------------------------------------
  281. //
  282. // Function: AllocateAndInitializeDomainSid
  283. //
  284. // Synopsis:
  285. //
  286. // Arguments: [pDomainSid] --
  287. // [pDomainSidInfo] --
  288. //
  289. // Notes: None.
  290. //
  291. //----------------------------------------------------------------------------
  292. DWORD
  293. AllocateAndInitializeDomainSid(
  294. PSID pDomainSid,
  295. MYSIDINFO * pDomainSidInfo)
  296. {
  297. UCHAR DomainIdSubAuthorityCount;
  298. DWORD SidLength;
  300. //
  301. // Allocate a Sid which has one more sub-authority than the domain ID.
  302. //
  304. DomainIdSubAuthorityCount = *(GetSidSubAuthorityCount(pDomainSid));
  305. SidLength = GetSidLengthRequired(DomainIdSubAuthorityCount + 1);
  307. pDomainSidInfo->pSid = new BYTE[SidLength];
  309. if (pDomainSidInfo->pSid == NULL)
  310. {
  311. CHECK_HRESULT(E_OUTOFMEMORY);
  312. return(ERROR_NOT_ENOUGH_MEMORY);
  313. }
  315. //
  316. // Initialize the new SID to have the same inital value as the
  317. // domain ID.
  318. //
  320. if (!CopySid(SidLength, pDomainSidInfo->pSid, pDomainSid))
  321. {
  322. delete pDomainSidInfo->pSid;
  323. pDomainSidInfo->pSid = NULL;
  324. CHECK_HRESULT(HRESULT_FROM_WIN32(GetLastError()));
  325. return(GetLastError());
  326. }
  328. //
  329. // Adjust the sub-authority count and add the relative Id unique
  330. // to the newly allocated SID
  331. //
  333. (*(GetSidSubAuthorityCount(pDomainSidInfo->pSid)))++;
  334. *(GetSidSubAuthority(pDomainSidInfo->pSid,
  335. DomainIdSubAuthorityCount)) =
  336. pDomainSidInfo->dwSubAuthority;
  338. return(ERROR_SUCCESS);
  339. }
  341. //+---------------------------------------------------------------------------
  342. //
  343. // Function: GetFileOwnerSid
  344. //
  345. // Synopsis:
  346. //
  347. // Arguments: [pwszFileName] --
  348. // [ppSid] --
  349. //
  350. // Notes: None.
  351. //
  352. //----------------------------------------------------------------------------
  353. HRESULT
  354. GetFileOwnerSid(LPCWSTR pwszFileName, PSID * ppSid)
  355. {
  356. DWORD cbSizeNeeded;
  358. //
  359. // Retrieve the file owner. Call GetFileSecurity twice - first to get
  360. // the buffer size, then the actual information retrieval.
  361. //
  363. if (GetFileSecurity(pwszFileName,
  364. OWNER_SECURITY_INFORMATION,
  365. NULL,
  366. 0,
  367. &cbSizeNeeded))
  368. {
  369. //
  370. // Didn't expect this to succeed!
  371. //
  373. CHECK_HRESULT(E_UNEXPECTED);
  374. return(E_UNEXPECTED);
  375. }
  377. DWORD Status = GetLastError();
  378. PSECURITY_DESCRIPTOR pOwnerSecDescr = NULL;
  379. HRESULT hr = S_OK;
  381. if ((Status == ERROR_INSUFFICIENT_BUFFER) && (cbSizeNeeded > 0))
  382. {
  383. //
  384. // Allocate the buffer space necessary and retrieve the info.
  385. //
  387. pOwnerSecDescr = (SECURITY_DESCRIPTOR *)new BYTE[cbSizeNeeded];
  389. if (pOwnerSecDescr == NULL)
  390. {
  391. CHECK_HRESULT(E_OUTOFMEMORY);
  392. return(E_OUTOFMEMORY);
  393. }
  395. if (!GetFileSecurity(pwszFileName,
  396. OWNER_SECURITY_INFORMATION,
  397. pOwnerSecDescr,
  398. cbSizeNeeded,
  399. &cbSizeNeeded))
  400. {
  401. delete pOwnerSecDescr;
  402. hr = HRESULT_FROM_WIN32(GetLastError());
  403. CHECK_HRESULT(hr);
  404. return(hr);
  405. }
  406. }
  407. else
  408. {
  409. hr = HRESULT_FROM_WIN32(GetLastError());
  410. CHECK_HRESULT(hr);
  411. return(hr);
  412. }
  414. //
  415. // Retrieve & validate the owner sid.
  416. //
  417. // NB : After this, pOwnerSid will point into the security descriptor,
  418. // pOwnerSecDescr; hence, the descriptor must exist for the
  419. // lifetime of pOwnerSid.
  420. //
  422. DWORD cbOwnerSid;
  423. PSID pOwnerSid;
  424. BOOL fOwnerDefaulted;
  426. if (GetSecurityDescriptorOwner(pOwnerSecDescr,
  427. &pOwnerSid,
  428. &fOwnerDefaulted))
  429. {
  430. if (IsValidSid(pOwnerSid))
  431. {
  432. *ppSid = new BYTE[cbOwnerSid = GetLengthSid(pOwnerSid)];
  434. if (*ppSid != NULL)
  435. {
  436. if (!CopySid(cbOwnerSid, *ppSid, pOwnerSid))
  437. {
  438. delete *ppSid;
  439. *ppSid = NULL;
  440. hr = HRESULT_FROM_WIN32(GetLastError());
  441. CHECK_HRESULT(hr);
  442. }
  443. }
  444. else
  445. {
  446. hr = E_OUTOFMEMORY;
  447. CHECK_HRESULT(hr);
  448. }
  450. }
  451. else
  452. {
  453. hr = HRESULT_FROM_WIN32(GetLastError());
  454. CHECK_HRESULT(hr);
  455. }
  456. }
  457. else
  458. {
  459. hr = HRESULT_FROM_WIN32(GetLastError());
  460. CHECK_HRESULT(hr);
  461. }
  463. delete pOwnerSecDescr;
  465. return(hr);
  466. }