Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

138 lines
4.6 KiB

/**********************************************************************/
/** Microsoft Windows NT **/
/** Copyright(c) Microsoft Corp., 1992 **/
/**********************************************************************/
/*
NTMasks.hxx
This file contains the Access mask mappings for the Generic ACL Editor
for NT FS.
FILE HISTORY:
Johnl 7-Jan-1992 Broke out from ntfsacl.hxx
*/
#ifndef _NTMASKS_HXX_
#define _NTMASKS_HXX_
/* The following manifests are the permission bitfields that represent
* each string above. Note that for the special bits we could have used
* the permission manifest directly (i.e., FILE_READ_DATA instead of
* FILE_PERM_SPEC_READ_DATA), however the special bits can also contain
* multiple flags, so this protects us in case we ever decide to combine
* some manifests.
*
*/
/* File Special Permissions
*/
#define FILE_PERM_SPEC_READ GENERIC_READ
#define FILE_PERM_SPEC_WRITE GENERIC_WRITE
#define FILE_PERM_SPEC_EXECUTE GENERIC_EXECUTE
#define FILE_PERM_SPEC_ALL GENERIC_ALL
#define FILE_PERM_SPEC_DELETE DELETE
#define FILE_PERM_SPEC_CHANGE_PERM WRITE_DAC
#define FILE_PERM_SPEC_CHANGE_OWNER WRITE_OWNER
/* File General Permissions
*/
#define FILE_PERM_GEN_NO_ACCESS (0)
#define FILE_PERM_GEN_READ (GENERIC_READ |\
GENERIC_EXECUTE)
#define FILE_PERM_GEN_MODIFY (GENERIC_READ |\
GENERIC_EXECUTE |\
GENERIC_WRITE |\
DELETE )
#define FILE_PERM_GEN_ALL (GENERIC_ALL)
/* Directory Special Permissions
*/
#define DIR_PERM_SPEC_READ GENERIC_READ
#define DIR_PERM_SPEC_WRITE GENERIC_WRITE
#define DIR_PERM_SPEC_EXECUTE GENERIC_EXECUTE
#define DIR_PERM_SPEC_ALL GENERIC_ALL
#define DIR_PERM_SPEC_DELETE DELETE
#define DIR_PERM_SPEC_CHANGE_PERM WRITE_DAC
#define DIR_PERM_SPEC_CHANGE_OWNER WRITE_OWNER
/* Directory General Permissions
*/
#define DIR_PERM_GEN_NO_ACCESS (0)
#define DIR_PERM_GEN_LIST (GENERIC_READ |\
GENERIC_EXECUTE)
#define DIR_PERM_GEN_READ (GENERIC_READ |\
GENERIC_EXECUTE)
#define DIR_PERM_GEN_DEPOSIT (GENERIC_WRITE |\
GENERIC_EXECUTE)
#define DIR_PERM_GEN_PUBLISH (GENERIC_READ |\
GENERIC_WRITE |\
GENERIC_EXECUTE)
#define DIR_PERM_GEN_MODIFY (GENERIC_READ |\
GENERIC_WRITE |\
GENERIC_EXECUTE |\
DELETE )
#define DIR_PERM_GEN_ALL (GENERIC_ALL)
/* New file Special Permissions
*/
#define NEWFILE_PERM_SPEC_READ GENERIC_READ
#define NEWFILE_PERM_SPEC_WRITE GENERIC_WRITE
#define NEWFILE_PERM_SPEC_EXECUTE GENERIC_EXECUTE
#define NEWFILE_PERM_SPEC_ALL GENERIC_ALL
#define NEWFILE_PERM_SPEC_DELETE DELETE
#define NEWFILE_PERM_SPEC_CHANGE_PERM WRITE_DAC
#define NEWFILE_PERM_SPEC_CHANGE_OWNER WRITE_OWNER
/* New File General permissions - Note that these correspond to the Directory
* general permissions.
*/
#define NEWFILE_PERM_GEN_NO_ACCESS (0)
#define NEWFILE_PERM_GEN_LIST (ACCESS_MASK_NEW_OBJ_NOT_SPECIFIED)
#define NEWFILE_PERM_GEN_READ (GENERIC_READ |\
GENERIC_EXECUTE)
#define NEWFILE_PERM_GEN_DEPOSIT (ACCESS_MASK_NEW_OBJ_NOT_SPECIFIED)
#define NEWFILE_PERM_GEN_PUBLISH (GENERIC_READ |\
GENERIC_EXECUTE)
#define NEWFILE_PERM_GEN_MODIFY (GENERIC_READ |\
GENERIC_WRITE |\
GENERIC_EXECUTE |\
DELETE )
#define NEWFILE_PERM_GEN_ALL (GENERIC_ALL)
//
// Audit access masks
//
// Note that ACCESS_SYSTEM_SECURITY is ored with both Generic Read and
// Generic Write. Access to the SACL is a privilege and if you have that
// privilege, then you can both read and write the SACL.
//
#define FILE_AUDIT_READ (GENERIC_READ |\
ACCESS_SYSTEM_SECURITY)
#define FILE_AUDIT_WRITE (GENERIC_WRITE |\
ACCESS_SYSTEM_SECURITY)
#define FILE_AUDIT_EXECUTE GENERIC_EXECUTE
#define FILE_AUDIT_DELETE DELETE
#define FILE_AUDIT_CHANGE_PERM WRITE_DAC
#define FILE_AUDIT_CHANGE_OWNER WRITE_OWNER
#define DIR_AUDIT_READ (GENERIC_READ |\
ACCESS_SYSTEM_SECURITY)
#define DIR_AUDIT_WRITE (GENERIC_WRITE |\
ACCESS_SYSTEM_SECURITY)
#define DIR_AUDIT_EXECUTE GENERIC_EXECUTE
#define DIR_AUDIT_DELETE DELETE
#define DIR_AUDIT_CHANGE_PERM WRITE_DAC
#define DIR_AUDIT_CHANGE_OWNER WRITE_OWNER
/* The valid access masks for NTFS
*/
#define NTFS_VALID_ACCESS_MASK (0xffffffff)
#endif //_NTMASKS_HXX_