Source code of Windows XP (NT5)


  1. /*++
  2. Copyright (c) 1989 Microsoft Corporation
  3. Module Name:
  4. tsevars.c
  5. Abstract:
  6. This Module contains variables used in security test routines.
  7. Author:
  8. Jim Kelly (JimK) 23-Mar-1990
  9. Environment:
  10. Test.
  11. Revision History:
  12. --*/
  13. #include "tsecomm.c" // Mode dependent macros and routines.
  14. #ifndef _TSEVARS_
  15. #define _TSEVARS_
//
// Ordinal identifiers for the Bedrock test users.  These are plain
// enumeration indices (0..6 in declaration order), not RIDs: Dino is
// last here, while DINO_RID falls between PEBBLES_RID and BARNEY_RID.
//
typedef enum _USERS {
    Fred    = 0,
    Wilma   = 1,
    Pebbles = 2,
    Barney  = 3,
    Betty   = 4,
    Bambam  = 5,
    Dino    = 6
} USERS;
//
// The Bedrock domain and its inhabitants (test fixture SIDs).
//
//      Name            SID
//      ------------    ------------------------
//      Bedrock Domain  S-1-39824-21-3-17
//      Fred            S-1-39824-21-3-17-2
//      Wilma           S-1-39824-21-3-17-3
//      Pebbles         S-1-39824-21-3-17-4
//      Dino            S-1-39824-21-3-17-5
//      Barney          S-1-39824-21-3-17-6
//      Betty           S-1-39824-21-3-17-7
//      Bambam          S-1-39824-21-3-17-8
//      Flintstone      S-1-39824-21-3-17-9
//      Rubble          S-1-39824-21-3-17-10
//      Adult           S-1-39824-21-3-17-11
//      Child           S-1-39824-21-3-17-12
//      Neanderthol     S-1-39824-21-3-17-13
//

//
// Six-byte identifier authority, most significant byte first:
// (155 << 8) | 144 == 39824, the authority shown in the table above.
//

#define BEDROCK_AUTHORITY               {0,0,0,0,155,144}

//
// Domain sub-authorities: 0x15 == 21, 0x03 == 3, 0x11 == 17.
//

#define BEDROCK_SUBAUTHORITY_0          0x00000015L
#define BEDROCK_SUBAUTHORITY_1          0x00000003L
#define BEDROCK_SUBAUTHORITY_2          0x00000011L

//
// Relative IDs appended to the domain SID as the fourth sub-authority.
//

#define FRED_RID                        0x00000002L
#define WILMA_RID                       0x00000003L
#define PEBBLES_RID                     0x00000004L
#define DINO_RID                        0x00000005L
#define BARNEY_RID                      0x00000006L
#define BETTY_RID                       0x00000007L
#define BAMBAM_RID                      0x00000008L
#define FLINTSTONE_RID                  0x00000009L
#define RUBBLE_RID                      0x0000000AL
#define ADULT_RID                       0x0000000BL
#define CHILD_RID                       0x0000000CL
#define NEANDERTHOL_RID                 0x0000000DL
//
// SID globals shared by the security tests.  Every pointer below is
// allocated and filled in by TSeVariableInitialization(); as file-scope
// objects they are NULL until that routine has run, so tests must call
// it before using any of them.
//

//
// Bedrock domain SID (three sub-authorities)
//

PSID BedrockDomainSid;

//
// Bedrock SIDs built from the domain SID plus one RID (see *_RID)
//

PSID FredSid;               // FRED_RID
PSID WilmaSid;              // WILMA_RID
PSID PebblesSid;            // PEBBLES_RID
PSID DinoSid;               // DINO_RID
PSID BarneySid;             // BARNEY_RID
PSID BettySid;              // BETTY_RID
PSID BambamSid;             // BAMBAM_RID
PSID FlintstoneSid;         // FLINTSTONE_RID
PSID RubbleSid;             // RUBBLE_RID
PSID AdultSid;              // ADULT_RID
PSID ChildSid;              // CHILD_RID
PSID NeandertholSid;        // NEANDERTHOL_RID

//
// Universal well known SIDs
//

PSID NullSid;               // SECURITY_NULL_RID
PSID WorldSid;              // SECURITY_WORLD_RID
PSID LocalSid;              // SECURITY_LOCAL_RID
PSID CreatorSid;            // SECURITY_CREATOR_OWNER_RID

//
// Sids defined by NT
//

PSID NtAuthoritySid;        // authority only, no sub-authorities
PSID DialupSid;             // SECURITY_DIALUP_RID
PSID NetworkSid;            // SECURITY_NETWORK_RID
PSID BatchSid;              // SECURITY_BATCH_RID
PSID InteractiveSid;        // SECURITY_INTERACTIVE_RID
PSID LocalSystemSid;        // SECURITY_LOCAL_SYSTEM_RID
//
// Well known privileges.
//
// Each LUID is assigned by TSeVariableInitialization() from the matching
// SE_*_PRIVILEGE constant via RtlConvertLongToLuid(); the values are not
// meaningful before that routine has run.
//

LUID CreateTokenPrivilege;              // SE_CREATE_TOKEN_PRIVILEGE
LUID AssignPrimaryTokenPrivilege;       // SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
LUID LockMemoryPrivilege;               // SE_LOCK_MEMORY_PRIVILEGE
LUID IncreaseQuotaPrivilege;            // SE_INCREASE_QUOTA_PRIVILEGE
LUID UnsolicitedInputPrivilege;         // SE_UNSOLICITED_INPUT_PRIVILEGE
LUID TcbPrivilege;                      // SE_TCB_PRIVILEGE
LUID SecurityPrivilege;                 // SE_SECURITY_PRIVILEGE
LUID TakeOwnershipPrivilege;            // SE_TAKE_OWNERSHIP_PRIVILEGE
LUID CreatePagefilePrivilege;           // SE_CREATE_PAGEFILE_PRIVILEGE
LUID IncreaseBasePriorityPrivilege;     // SE_INC_BASE_PRIORITY_PRIVILEGE
LUID SystemProfilePrivilege;            // SE_SYSTEM_PROFILE_PRIVILEGE
LUID SystemtimePrivilege;               // SE_SYSTEMTIME_PRIVILEGE
LUID ProfileSingleProcessPrivilege;     // SE_PROF_SINGLE_PROCESS_PRIVILEGE
LUID RestorePrivilege;                  // SE_RESTORE_PRIVILEGE
LUID BackupPrivilege;                   // SE_BACKUP_PRIVILEGE
LUID CreatePermanentPrivilege;          // SE_CREATE_PERMANENT_PRIVILEGE
LUID ShutdownPrivilege;                 // SE_SHUTDOWN_PRIVILEGE
LUID DebugPrivilege;                    // SE_DEBUG_PRIVILEGE
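//
// Allocate Length bytes of paged pool for a SID and store the pointer
// in *Sid.  Returns FALSE if the allocation fails.
//

static
BOOLEAN
TSepAllocateSid(
    PSID *Sid,
    ULONG Length
    )
{
    *Sid = (PSID)TstAllocatePool( PagedPool, Length );

    return (BOOLEAN)(*Sid != NULL);
}


//
// Allocate a SID with exactly one sub-authority under Authority and set
// that sub-authority to Rid.  Length must be RtlLengthRequiredSid( 1 ).
//

static
BOOLEAN
TSepCreateOneRidSid(
    PSID *Sid,
    PSID_IDENTIFIER_AUTHORITY Authority,
    ULONG Length,
    ULONG Rid
    )
{
    if (!TSepAllocateSid( Sid, Length )) {
        return FALSE;
    }

    RtlInitializeSid( *Sid, Authority, 1 );
    *(RtlSubAuthoritySid( *Sid, 0 )) = Rid;

    return TRUE;
}


//
// Allocate a copy of BedrockDomainSid in a buffer of Length bytes and
// append Rid as one additional sub-authority.
//

static
BOOLEAN
TSepCreateBedrockMemberSid(
    PSID *Sid,
    ULONG Length,
    ULONG Rid
    )
{
    UCHAR RidIndex;

    if (!TSepAllocateSid( Sid, Length )) {
        return FALSE;
    }

    if (!NT_SUCCESS( RtlCopySid( Length, *Sid, BedrockDomainSid ) )) {
        return FALSE;
    }

    //
    // The appended RID is written one slot past the sub-authorities that
    // were copied, so the buffer must hold one more sub-authority than
    // the domain SID.  Refuse to write outside the allocation.
    //

    RidIndex = *(RtlSubAuthorityCountSid( *Sid ));

    if (Length < RtlLengthRequiredSid( (ULONG)RidIndex + 1 )) {
        return FALSE;
    }

    *(RtlSubAuthorityCountSid( *Sid )) += 1;
    *(RtlSubAuthoritySid( *Sid, RidIndex )) = Rid;

    return TRUE;
}


BOOLEAN
TSeVariableInitialization()
/*++

Routine Description:

    This function initializes the global variables used in security
    tests: the universal well known SIDs, the SIDs defined by NT, the
    Bedrock domain SID and the SIDs derived from it, and the well known
    privilege LUIDs.

    Every pool allocation and every SID copy is checked.  On the first
    failure the routine stops and returns FALSE; SIDs that were already
    allocated stay in their global variables (nothing is freed here),
    and the remaining globals are left as they were.  Callers must not
    run any test when FALSE is returned.

Arguments:

    None.

Return Value:

    TRUE if variables successfully initialized.

    FALSE if not successfully initialized.

--*/
{
    ULONG SidWithZeroSubAuthorities;
    ULONG SidWithOneSubAuthority;
    ULONG SidWithThreeSubAuthorities;
    ULONG SidWithFourSubAuthorities;
    ULONG Index;

    SID_IDENTIFIER_AUTHORITY NullSidAuthority    = SECURITY_NULL_SID_AUTHORITY;
    SID_IDENTIFIER_AUTHORITY WorldSidAuthority   = SECURITY_WORLD_SID_AUTHORITY;
    SID_IDENTIFIER_AUTHORITY LocalSidAuthority   = SECURITY_LOCAL_SID_AUTHORITY;
    SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = SECURITY_CREATOR_SID_AUTHORITY;
    SID_IDENTIFIER_AUTHORITY NtAuthority         = SECURITY_NT_AUTHORITY;
    SID_IDENTIFIER_AUTHORITY BedrockAuthority    = BEDROCK_AUTHORITY;

    //
    // Bedrock SIDs that are the domain SID plus one RID.
    //

    static struct {
        PSID *Sid;
        ULONG Rid;
    } BedrockMembers[] = {
        { &FredSid,        FRED_RID        },
        { &WilmaSid,       WILMA_RID       },
        { &PebblesSid,     PEBBLES_RID     },
        { &DinoSid,        DINO_RID        },
        { &BarneySid,      BARNEY_RID      },
        { &BettySid,       BETTY_RID       },
        { &BambamSid,      BAMBAM_RID      },
        { &FlintstoneSid,  FLINTSTONE_RID  },
        { &RubbleSid,      RUBBLE_RID      },
        { &AdultSid,       ADULT_RID       },
        { &ChildSid,       CHILD_RID       },
        { &NeandertholSid, NEANDERTHOL_RID }
    };

    //
    // The following SID sizes need to be allocated
    //

    SidWithZeroSubAuthorities  = RtlLengthRequiredSid( 0 );
    SidWithOneSubAuthority     = RtlLengthRequiredSid( 1 );
    SidWithThreeSubAuthorities = RtlLengthRequiredSid( 3 );
    SidWithFourSubAuthorities  = RtlLengthRequiredSid( 4 );

    //
    // Allocate and initialize the universal SIDs
    //

    if (!TSepCreateOneRidSid( &NullSid, &NullSidAuthority,
                              SidWithOneSubAuthority, SECURITY_NULL_RID ) ||
        !TSepCreateOneRidSid( &WorldSid, &WorldSidAuthority,
                              SidWithOneSubAuthority, SECURITY_WORLD_RID ) ||
        !TSepCreateOneRidSid( &LocalSid, &LocalSidAuthority,
                              SidWithOneSubAuthority, SECURITY_LOCAL_RID ) ||
        !TSepCreateOneRidSid( &CreatorSid, &CreatorSidAuthority,
                              SidWithOneSubAuthority, SECURITY_CREATOR_OWNER_RID )) {
        return FALSE;
    }

    //
    // Allocate and initialize the NT defined SIDs.  NtAuthoritySid is
    // the bare authority with no sub-authorities.
    //

    if (!TSepAllocateSid( &NtAuthoritySid, SidWithZeroSubAuthorities )) {
        return FALSE;
    }

    RtlInitializeSid( NtAuthoritySid, &NtAuthority, 0 );

    if (!TSepCreateOneRidSid( &DialupSid, &NtAuthority,
                              SidWithOneSubAuthority, SECURITY_DIALUP_RID ) ||
        !TSepCreateOneRidSid( &NetworkSid, &NtAuthority,
                              SidWithOneSubAuthority, SECURITY_NETWORK_RID ) ||
        !TSepCreateOneRidSid( &BatchSid, &NtAuthority,
                              SidWithOneSubAuthority, SECURITY_BATCH_RID ) ||
        !TSepCreateOneRidSid( &InteractiveSid, &NtAuthority,
                              SidWithOneSubAuthority, SECURITY_INTERACTIVE_RID ) ||
        !TSepCreateOneRidSid( &LocalSystemSid, &NtAuthority,
                              SidWithOneSubAuthority, SECURITY_LOCAL_SYSTEM_RID )) {
        return FALSE;
    }

    //
    // Allocate and initialize the Bedrock SIDs.  The domain SID comes
    // first because every other Bedrock SID is a copy of it with one
    // RID appended.
    //

    if (!TSepAllocateSid( &BedrockDomainSid, SidWithThreeSubAuthorities )) {
        return FALSE;
    }

    RtlInitializeSid( BedrockDomainSid, &BedrockAuthority, 3 );
    *(RtlSubAuthoritySid( BedrockDomainSid, 0)) = BEDROCK_SUBAUTHORITY_0;
    *(RtlSubAuthoritySid( BedrockDomainSid, 1)) = BEDROCK_SUBAUTHORITY_1;
    *(RtlSubAuthoritySid( BedrockDomainSid, 2)) = BEDROCK_SUBAUTHORITY_2;

    for (Index = 0;
         Index < sizeof(BedrockMembers) / sizeof(BedrockMembers[0]);
         Index += 1) {

        if (!TSepCreateBedrockMemberSid( BedrockMembers[Index].Sid,
                                         SidWithFourSubAuthorities,
                                         BedrockMembers[Index].Rid )) {
            return FALSE;
        }
    }

    //
    // Convert the well known privilege values to LUIDs
    //

    CreateTokenPrivilege =
        RtlConvertLongToLuid(SE_CREATE_TOKEN_PRIVILEGE);
    AssignPrimaryTokenPrivilege =
        RtlConvertLongToLuid(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE);
    LockMemoryPrivilege =
        RtlConvertLongToLuid(SE_LOCK_MEMORY_PRIVILEGE);
    IncreaseQuotaPrivilege =
        RtlConvertLongToLuid(SE_INCREASE_QUOTA_PRIVILEGE);
    UnsolicitedInputPrivilege =
        RtlConvertLongToLuid(SE_UNSOLICITED_INPUT_PRIVILEGE);
    TcbPrivilege =
        RtlConvertLongToLuid(SE_TCB_PRIVILEGE);
    SecurityPrivilege =
        RtlConvertLongToLuid(SE_SECURITY_PRIVILEGE);
    TakeOwnershipPrivilege =
        RtlConvertLongToLuid(SE_TAKE_OWNERSHIP_PRIVILEGE);
    CreatePagefilePrivilege =
        RtlConvertLongToLuid(SE_CREATE_PAGEFILE_PRIVILEGE);
    IncreaseBasePriorityPrivilege =
        RtlConvertLongToLuid(SE_INC_BASE_PRIORITY_PRIVILEGE);
    SystemProfilePrivilege =
        RtlConvertLongToLuid(SE_SYSTEM_PROFILE_PRIVILEGE);
    SystemtimePrivilege =
        RtlConvertLongToLuid(SE_SYSTEMTIME_PRIVILEGE);
    ProfileSingleProcessPrivilege =
        RtlConvertLongToLuid(SE_PROF_SINGLE_PROCESS_PRIVILEGE);
    CreatePermanentPrivilege =
        RtlConvertLongToLuid(SE_CREATE_PERMANENT_PRIVILEGE);
    BackupPrivilege =
        RtlConvertLongToLuid(SE_BACKUP_PRIVILEGE);
    RestorePrivilege =
        RtlConvertLongToLuid(SE_RESTORE_PRIVILEGE);
    ShutdownPrivilege =
        RtlConvertLongToLuid(SE_SHUTDOWN_PRIVILEGE);
    DebugPrivilege =
        RtlConvertLongToLuid(SE_DEBUG_PRIVILEGE);

    return TRUE;
}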
  269. #endif // _TSEVARS_