ReactOS  0.4.15-dev-2361-g32428a3
setypes.h
1 /*++ NDK Version: 0098
2 
3 Copyright (c) Alex Ionescu. All rights reserved.
4 
5 Header Name:
6 
7  setypes.h
8 
9 Abstract:
10 
11  Type definitions for the security manager.
12 
13 Author:
14 
15  Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16 
17 --*/
18 
19 #ifndef _SETYPES_H
20 #define _SETYPES_H
21 
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 
27 //
28 // Well Known SIDs
29 //
30 #define SECURITY_INTERNETSITE_AUTHORITY {0,0,0,0,0,7} // six-byte brace initializer, last byte 7; NOTE(review): presumably a SID_IDENTIFIER_AUTHORITY value -- confirm at the use sites
31 
32 #ifdef NTOS_MODE_USER
33 //
34 // Privilege constants
   //
   // Numeric identifiers of the well-known privileges, from
   // SE_MIN_WELL_KNOWN_PRIVILEGE (2) to SE_MAX_WELL_KNOWN_PRIVILEGE (30).
   // The block sits under #ifdef NTOS_MODE_USER, so this header supplies the
   // values only to user-mode builds.
   // NOTE(review): each value is presumably the LowPart of the privilege LUID
   // with HighPart zero -- confirm against the code that builds the LUIDs.
   //
   // Review guidance: create-token, assign-primary-token, TCB, load-driver,
   // debug, backup, restore, take-ownership, security and impersonate each give
   // their holder control well beyond ordinary file and object permissions.
   // Grant them only to accounts that need them and audit every assignment.
35 //
36 #define SE_MIN_WELL_KNOWN_PRIVILEGE (2L) // lower bound of the range; same value as SE_CREATE_TOKEN_PRIVILEGE
37 #define SE_CREATE_TOKEN_PRIVILEGE (2L) // SeCreateTokenPrivilege: create a token object; high impact
38 #define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE (3L) // SeAssignPrimaryTokenPrivilege: replace a process's primary token; high impact
39 #define SE_LOCK_MEMORY_PRIVILEGE (4L) // SeLockMemoryPrivilege: lock pages in physical memory
40 #define SE_INCREASE_QUOTA_PRIVILEGE (5L) // SeIncreaseQuotaPrivilege: adjust process memory quotas
41 #define SE_UNSOLICITED_INPUT_PRIVILEGE (6L) // shares the value 6 with SE_MACHINE_ACCOUNT_PRIVILEGE below
42 #define SE_MACHINE_ACCOUNT_PRIVILEGE (6L) // SeMachineAccountPrivilege: add workstations to a domain; same value as the line above, so the two names cannot be told apart by value
43 #define SE_TCB_PRIVILEGE (7L) // SeTcbPrivilege: act as part of the operating system; high impact
44 #define SE_SECURITY_PRIVILEGE (8L) // SeSecurityPrivilege: manage auditing and the security log, access SACLs; high impact
45 #define SE_TAKE_OWNERSHIP_PRIVILEGE (9L) // SeTakeOwnershipPrivilege: take ownership of objects regardless of their DACL; high impact
46 #define SE_LOAD_DRIVER_PRIVILEGE (10L) // SeLoadDriverPrivilege: load and unload device drivers; high impact
47 #define SE_SYSTEM_PROFILE_PRIVILEGE (11L) // SeSystemProfilePrivilege: profile system performance
48 #define SE_SYSTEMTIME_PRIVILEGE (12L) // SeSystemtimePrivilege: change the system time (affects log timestamps)
49 #define SE_PROF_SINGLE_PROCESS_PRIVILEGE (13L) // SeProfileSingleProcessPrivilege: profile a single process
50 #define SE_INC_BASE_PRIORITY_PRIVILEGE (14L) // SeIncreaseBasePriorityPrivilege: raise scheduling priority
51 #define SE_CREATE_PAGEFILE_PRIVILEGE (15L) // SeCreatePagefilePrivilege: create a paging file
52 #define SE_CREATE_PERMANENT_PRIVILEGE (16L) // SeCreatePermanentPrivilege: create permanent shared objects
53 #define SE_BACKUP_PRIVILEGE (17L) // SeBackupPrivilege: read files without the normal ACL check; high impact
54 #define SE_RESTORE_PRIVILEGE (18L) // SeRestorePrivilege: write files without the normal ACL check; high impact
55 #define SE_SHUTDOWN_PRIVILEGE (19L) // SeShutdownPrivilege: shut down the local system
56 #define SE_DEBUG_PRIVILEGE (20L) // SeDebugPrivilege: open processes owned by other accounts; high impact
57 #define SE_AUDIT_PRIVILEGE (21L) // SeAuditPrivilege: generate security audit records
58 #define SE_SYSTEM_ENVIRONMENT_PRIVILEGE (22L) // SeSystemEnvironmentPrivilege: modify firmware environment values
59 #define SE_CHANGE_NOTIFY_PRIVILEGE (23L) // SeChangeNotifyPrivilege: bypass traverse checking
60 #define SE_REMOTE_SHUTDOWN_PRIVILEGE (24L) // SeRemoteShutdownPrivilege: shut down the system from a remote machine
61 #define SE_UNDOCK_PRIVILEGE (25L) // SeUndockPrivilege: remove the computer from a docking station
62 #define SE_SYNC_AGENT_PRIVILEGE (26L) // SeSyncAgentPrivilege: synchronize directory service data
63 #define SE_ENABLE_DELEGATION_PRIVILEGE (27L) // SeEnableDelegationPrivilege: mark accounts as trusted for delegation; high impact in a domain
64 #define SE_MANAGE_VOLUME_PRIVILEGE (28L) // SeManageVolumePrivilege: perform volume maintenance tasks
65 #define SE_IMPERSONATE_PRIVILEGE (29L) // SeImpersonatePrivilege: impersonate a client after authentication; high impact
66 #define SE_CREATE_GLOBAL_PRIVILEGE (30L) // SeCreateGlobalPrivilege: create objects in the global namespace
67 #define SE_MAX_WELL_KNOWN_PRIVILEGE (SE_CREATE_GLOBAL_PRIVILEGE) // upper bound (30) for range checks; NOTE(review): later Windows releases define privileges above 30 (e.g. SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE) -- confirm this bound matches the NT version being targeted
68 
69 typedef struct _TOKEN_MANDATORY_POLICY {
70  ULONG Policy;
72 
73 typedef struct _TOKEN_ACCESS_INFORMATION
74 {
82  ULONG Flags;
84 
85 #else
86 
87 //
88 // User and Group-related SID Attributes
   //
   // Bit flags, presumably carried in the Attributes member of a
   // SID_AND_ATTRIBUTES entry (TODO confirm at the use sites). This block is
   // the #else branch of #ifdef NTOS_MODE_USER, so this header defines the
   // flags only when NTOS_MODE_USER is not defined.
89 //
90 #define SE_GROUP_MANDATORY 0x00000001 // group cannot be disabled
91 #define SE_GROUP_ENABLED_BY_DEFAULT 0x00000002 // group is enabled by default
92 #define SE_GROUP_ENABLED 0x00000004 // group is enabled and takes part in access checks
93 #define SE_GROUP_OWNER 0x00000008 // group may be assigned as the owner of an object
94 #define SE_GROUP_USE_FOR_DENY_ONLY 0x00000010 // deny-only SID: matches access-denied ACEs, never access-allowed ones
95 #define SE_GROUP_INTEGRITY 0x00000020 // SID is a mandatory integrity label
96 #define SE_GROUP_INTEGRITY_ENABLED 0x00000040 // the integrity SID is enabled for integrity checks
97 #define SE_GROUP_RESOURCE 0x20000000 // SID identifies a domain-local (resource) group
98 #define SE_GROUP_LOGON_ID 0xC0000000 // SID identifies a logon session; occupies the top two bits
99 
   // Union of every flag defined above. NOTE(review): presumably used to reject
   // caller-supplied attribute values that set bits outside this mask -- confirm
   // that callers actually test against it before storing attributes in a token.
100 #define SE_GROUP_VALID_ATTRIBUTES \
101  (SE_GROUP_MANDATORY | \
102  SE_GROUP_ENABLED_BY_DEFAULT | \
103  SE_GROUP_ENABLED | \
104  SE_GROUP_OWNER | \
105  SE_GROUP_USE_FOR_DENY_ONLY | \
106  SE_GROUP_LOGON_ID | \
107  SE_GROUP_RESOURCE | \
108  SE_GROUP_INTEGRITY | \
109  SE_GROUP_INTEGRITY_ENABLED)
110 
111 //
112 // Proxy Class enumeration
113 //
114 typedef enum _PROXY_CLASS
115 {
120 } PROXY_CLASS;
121 
122 //
123 // Audit and Policy Structures
124 //
126 {
137 
139 {
143 
144 typedef struct _SEP_AUDIT_POLICY
145 {
146  union
147  {
151  };
153 
155 {
158 
159 //
160 // Token Audit Data
161 //
163 {
168 
169 //
170 // Token Proxy Data
171 //
173 {
180 
181 //
182 // Token and auxiliary data
183 //
184 typedef struct _TOKEN
185 {
    // Access token object layout: identity LUIDs, session, counts, default
    // DACL, token type and flags, followed by a variable part.
    //
    // NOTE(review): this listing is incomplete. The gutter numbers skip source
    // lines 186, 190, 192, 195-196, 200-203, 205, 209 and 212-214. The page's
    // cross-reference index names the members defined on those lines:
    // TokenSource (186), ExpirationTime (190), AuditPolicy (192),
    // UserAndGroupCount (195), RestrictedSidCount (196), DynamicAvailable (200),
    // DefaultOwnerIndex (201), UserAndGroups (202), RestrictedSids (203),
    // Privileges (205), ImpersonationLevel (209), ProxyData (212),
    // AuditData (213) and OriginatingLogonSession (214).
    // Do not derive the structure size or layout from the visible lines alone.
    //
    // The trailing /* 0x.. */ comments are byte offsets. DynamicPart (0x78)
    // and DefaultDacl (0x7C) are adjacent pointers four bytes apart, so the
    // offsets describe a 32-bit layout; do not reuse them for a 64-bit build
    // or a memory-analysis profile without recomputing.
187  LUID TokenId; /* 0x10 */
188  LUID AuthenticationId; /* 0x18 */
189  LUID ParentTokenId; /* 0x20 */
191  PERESOURCE TokenLock; /* 0x30 */ // pointer to an ERESOURCE; NOTE(review): presumably serialises access to the token -- confirm
193  LUID ModifiedId; /* 0x40 */
194  ULONG SessionId; /* 0x48 */
197  ULONG PrivilegeCount; /* 0x54 */
198  ULONG VariableLength; /* 0x58 */
199  ULONG DynamicCharged; /* 0x5C */
204  PSID PrimaryGroup; /* 0x70 */
206  PULONG DynamicPart; /* 0x78 */
207  PACL DefaultDacl; /* 0x7C */
208  TOKEN_TYPE TokenType; /* 0x80 */
210  ULONG TokenFlags; /* 0x88 */
211  BOOLEAN TokenInUse; /* 0x8C */
215  ULONG VariablePart; /* 0xA0 */ // last member; NOTE(review): presumably the start of the VariableLength-sized trailing data -- confirm
216 } TOKEN, *PTOKEN;
217 
218 typedef struct _AUX_ACCESS_DATA
219 {
224 
225 //
226 // External SRM Data
227 //
230 
231 #endif
232 #endif
struct _SECURITY_TOKEN_AUDIT_DATA SECURITY_TOKEN_AUDIT_DATA
TOKEN_TYPE TokenType
Definition: setypes.h:208
PPRIVILEGE_SET PrivilegeSet
Definition: setypes.h:220
PSID_AND_ATTRIBUTES_HASH SidHash
Definition: setypes.h:1114
POBJECT_NAME_INFORMATION ImageFileName
Definition: setypes.h:156
ULONG DynamicCharged
Definition: setypes.h:199
struct _TOKEN_ACCESS_INFORMATION * PTOKEN_ACCESS_INFORMATION
PACL NTSYSAPI SeSystemDefaultDacl
Definition: acl.c:19
LUID AuthenticationId
Definition: setypes.h:188
ULONG VariablePart
Definition: setypes.h:215
PSID_AND_ATTRIBUTES_HASH RestrictedSidHash
Definition: setypes.h:1115
GENERIC_MAPPING GenericMapping
Definition: setypes.h:221
ULONG PrivilegeCount
Definition: setypes.h:197
PLUID_AND_ATTRIBUTES Privileges
Definition: setypes.h:205
#define NTSYSAPI
Definition: ntoskrnl.h:14
ULONG Reserved
Definition: setypes.h:222
LUID ModifiedId
Definition: setypes.h:193
struct _SEP_AUDIT_POLICY * PSEP_AUDIT_POLICY
ULONG TokenFlags
Definition: setypes.h:210
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:1119
ERESOURCE * PERESOURCE
Definition: env_spec_w32.h:595
struct _SEP_AUDIT_POLICY_OVERLAY * PSEP_AUDIT_POLICY_OVERLAY
ULONG DynamicAvailable
Definition: setypes.h:200
struct _TOKEN_ACCESS_INFORMATION TOKEN_ACCESS_INFORMATION
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
PACL DefaultDacl
Definition: setypes.h:207
PTOKEN_PRIVILEGES Privileges
Definition: setypes.h:1116
unsigned char BOOLEAN
struct _TOKEN_MANDATORY_POLICY TOKEN_MANDATORY_POLICY
LUID ParentTokenId
Definition: setypes.h:189
struct _SEP_AUDIT_POLICY_OVERLAY SEP_AUDIT_POLICY_OVERLAY
ULONG DefaultOwnerIndex
Definition: setypes.h:201
ULONG VariableLength
Definition: setypes.h:198
SEP_AUDIT_POLICY_OVERLAY PolicyOverlay
Definition: setypes.h:149
struct _SE_AUDIT_PROCESS_CREATION_INFO * PSE_AUDIT_PROCESS_CREATION_INFO
ULONG SessionId
Definition: setypes.h:194
ULONG RestrictedSidCount
Definition: setypes.h:196
PULONG DynamicPart
Definition: setypes.h:206
struct _TOKEN_MANDATORY_POLICY * PTOKEN_MANDATORY_POLICY
PSID PrimaryGroup
Definition: setypes.h:204
LARGE_INTEGER ExpirationTime
Definition: setypes.h:190
BOOLEAN TokenInUse
Definition: setypes.h:211
uint64_t ULONGLONG
Definition: typedefs.h:67
SEP_AUDIT_POLICY_CATEGORIES PolicyElements
Definition: setypes.h:148
PSECURITY_TOKEN_AUDIT_DATA AuditData
Definition: setypes.h:213
PSID_AND_ATTRIBUTES RestrictedSids
Definition: setypes.h:203
unsigned char UCHAR
Definition: xmlstorage.h:181
SEP_AUDIT_POLICY AuditPolicy
Definition: setypes.h:192
enum _PROXY_CLASS PROXY_CLASS
TOKEN_MANDATORY_POLICY MandatoryPolicy
Definition: setypes.h:1120
enum _TOKEN_TYPE TOKEN_TYPE
struct _SECURITY_TOKEN_AUDIT_DATA * PSECURITY_TOKEN_AUDIT_DATA
struct _AUX_ACCESS_DATA AUX_ACCESS_DATA
PACL NTSYSAPI SePublicDefaultDacl
Definition: acl.c:18
struct _SECURITY_TOKEN_PROXY_DATA * PSECURITY_TOKEN_PROXY_DATA
struct _SE_AUDIT_PROCESS_CREATION_INFO SE_AUDIT_PROCESS_CREATION_INFO
PERESOURCE TokenLock
Definition: setypes.h:191
_PROXY_CLASS
Definition: setypes.h:114
struct _TOKEN * PTOKEN
ULONG UserAndGroupCount
Definition: setypes.h:195
ULONGLONG Overlay
Definition: setypes.h:150
LUID TokenId
Definition: setypes.h:187
unsigned int * PULONG
Definition: retypes.h:1
struct _SEP_AUDIT_POLICY SEP_AUDIT_POLICY
struct _AUX_ACCESS_DATA * PAUX_ACCESS_DATA
struct _SECURITY_TOKEN_PROXY_DATA SECURITY_TOKEN_PROXY_DATA
struct _SEP_AUDIT_POLICY_CATEGORIES * PSEP_AUDIT_POLICY_CATEGORIES
PSECURITY_TOKEN_PROXY_DATA ProxyData
Definition: setypes.h:212
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:209
unsigned int ULONG
Definition: retypes.h:1
PSID_AND_ATTRIBUTES UserAndGroups
Definition: setypes.h:202
struct _SEP_AUDIT_POLICY_CATEGORIES SEP_AUDIT_POLICY_CATEGORIES
TOKEN_SOURCE TokenSource
Definition: setypes.h:186
PROXY_CLASS ProxyClass
Definition: setypes.h:175
UNICODE_STRING PathInfo
Definition: setypes.h:176
struct _TOKEN TOKEN
LUID OriginatingLogonSession
Definition: setypes.h:214