mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
138 lines
4.6 KiB
138 lines
4.6 KiB
/**********************************************************************/
|
|
/** Microsoft Windows NT **/
|
|
/** Copyright(c) Microsoft Corp., 1992 **/
|
|
/**********************************************************************/
|
|
|
|
/*
|
|
NTMasks.hxx
|
|
|
|
This file contains the Access mask mappings for the Generic ACL Editor
|
|
for NT FS.
|
|
|
|
|
|
|
|
FILE HISTORY:
|
|
Johnl 7-Jan-1992 Broke out from ntfsacl.hxx
|
|
|
|
*/
|
|
|
|
#ifndef _NTMASKS_HXX_
|
|
#define _NTMASKS_HXX_
|
|
|
|
/* The following manifests are the permission bitfields that represent
|
|
* each string above. Note that for the special bits we could have used
|
|
* the permission manifest directly (i.e., FILE_READ_DATA instead of
|
|
* FILE_PERM_SPEC_READ_DATA), however the special bits can also contain
|
|
* multiple flags, so this protects us in case we ever decide to combine
|
|
* some manifests.
|
|
*
|
|
*/
|
|
|
|
/* File Special Permissions
|
|
*/
|
|
#define FILE_PERM_SPEC_READ GENERIC_READ
|
|
#define FILE_PERM_SPEC_WRITE GENERIC_WRITE
|
|
#define FILE_PERM_SPEC_EXECUTE GENERIC_EXECUTE
|
|
#define FILE_PERM_SPEC_ALL GENERIC_ALL
|
|
#define FILE_PERM_SPEC_DELETE DELETE
|
|
#define FILE_PERM_SPEC_CHANGE_PERM WRITE_DAC
|
|
#define FILE_PERM_SPEC_CHANGE_OWNER WRITE_OWNER
|
|
|
|
/* File General Permissions
|
|
*/
|
|
#define FILE_PERM_GEN_NO_ACCESS (0)
|
|
#define FILE_PERM_GEN_READ (GENERIC_READ |\
|
|
GENERIC_EXECUTE)
|
|
#define FILE_PERM_GEN_MODIFY (GENERIC_READ |\
|
|
GENERIC_EXECUTE |\
|
|
GENERIC_WRITE |\
|
|
DELETE )
|
|
#define FILE_PERM_GEN_ALL (GENERIC_ALL)
|
|
|
|
|
|
/* Directory Special Permissions
|
|
*/
|
|
#define DIR_PERM_SPEC_READ GENERIC_READ
|
|
#define DIR_PERM_SPEC_WRITE GENERIC_WRITE
|
|
#define DIR_PERM_SPEC_EXECUTE GENERIC_EXECUTE
|
|
#define DIR_PERM_SPEC_ALL GENERIC_ALL
|
|
#define DIR_PERM_SPEC_DELETE DELETE
|
|
#define DIR_PERM_SPEC_CHANGE_PERM WRITE_DAC
|
|
#define DIR_PERM_SPEC_CHANGE_OWNER WRITE_OWNER
|
|
|
|
/* Directory General Permissions
|
|
*/
|
|
#define DIR_PERM_GEN_NO_ACCESS (0)
|
|
#define DIR_PERM_GEN_LIST (GENERIC_READ |\
|
|
GENERIC_EXECUTE)
|
|
#define DIR_PERM_GEN_READ (GENERIC_READ |\
|
|
GENERIC_EXECUTE)
|
|
#define DIR_PERM_GEN_DEPOSIT (GENERIC_WRITE |\
|
|
GENERIC_EXECUTE)
|
|
#define DIR_PERM_GEN_PUBLISH (GENERIC_READ |\
|
|
GENERIC_WRITE |\
|
|
GENERIC_EXECUTE)
|
|
#define DIR_PERM_GEN_MODIFY (GENERIC_READ |\
|
|
GENERIC_WRITE |\
|
|
GENERIC_EXECUTE |\
|
|
DELETE )
|
|
#define DIR_PERM_GEN_ALL (GENERIC_ALL)
|
|
|
|
/* New file Special Permissions
|
|
*/
|
|
#define NEWFILE_PERM_SPEC_READ GENERIC_READ
|
|
#define NEWFILE_PERM_SPEC_WRITE GENERIC_WRITE
|
|
#define NEWFILE_PERM_SPEC_EXECUTE GENERIC_EXECUTE
|
|
#define NEWFILE_PERM_SPEC_ALL GENERIC_ALL
|
|
#define NEWFILE_PERM_SPEC_DELETE DELETE
|
|
#define NEWFILE_PERM_SPEC_CHANGE_PERM WRITE_DAC
|
|
#define NEWFILE_PERM_SPEC_CHANGE_OWNER WRITE_OWNER
|
|
|
|
/* New File General permissions - Note that these correspond to the Directory
|
|
* general permissions.
|
|
*/
|
|
#define NEWFILE_PERM_GEN_NO_ACCESS (0)
|
|
#define NEWFILE_PERM_GEN_LIST (ACCESS_MASK_NEW_OBJ_NOT_SPECIFIED)
|
|
#define NEWFILE_PERM_GEN_READ (GENERIC_READ |\
|
|
GENERIC_EXECUTE)
|
|
#define NEWFILE_PERM_GEN_DEPOSIT (ACCESS_MASK_NEW_OBJ_NOT_SPECIFIED)
|
|
#define NEWFILE_PERM_GEN_PUBLISH (GENERIC_READ |\
|
|
GENERIC_EXECUTE)
|
|
#define NEWFILE_PERM_GEN_MODIFY (GENERIC_READ |\
|
|
GENERIC_WRITE |\
|
|
GENERIC_EXECUTE |\
|
|
DELETE )
|
|
#define NEWFILE_PERM_GEN_ALL (GENERIC_ALL)
|
|
|
|
//
|
|
// Audit access masks
|
|
//
|
|
// Note that ACCESS_SYSTEM_SECURITY is ored with both Generic Read and
|
|
// Generic Write. Access to the SACL is a privilege and if you have that
|
|
// privilege, then you can both read and write the SACL.
|
|
//
|
|
|
|
#define FILE_AUDIT_READ (GENERIC_READ |\
|
|
ACCESS_SYSTEM_SECURITY)
|
|
#define FILE_AUDIT_WRITE (GENERIC_WRITE |\
|
|
ACCESS_SYSTEM_SECURITY)
|
|
#define FILE_AUDIT_EXECUTE GENERIC_EXECUTE
|
|
#define FILE_AUDIT_DELETE DELETE
|
|
#define FILE_AUDIT_CHANGE_PERM WRITE_DAC
|
|
#define FILE_AUDIT_CHANGE_OWNER WRITE_OWNER
|
|
|
|
#define DIR_AUDIT_READ (GENERIC_READ |\
|
|
ACCESS_SYSTEM_SECURITY)
|
|
#define DIR_AUDIT_WRITE (GENERIC_WRITE |\
|
|
ACCESS_SYSTEM_SECURITY)
|
|
#define DIR_AUDIT_EXECUTE GENERIC_EXECUTE
|
|
#define DIR_AUDIT_DELETE DELETE
|
|
#define DIR_AUDIT_CHANGE_PERM WRITE_DAC
|
|
#define DIR_AUDIT_CHANGE_OWNER WRITE_OWNER
|
|
|
|
|
|
/* The valid access masks for NTFS
|
|
*/
|
|
#define NTFS_VALID_ACCESS_MASK (0xffffffff)
|
|
|
|
#endif //_NTMASKS_HXX_
|