ReactOS 0.4.16-dev-737-g3368adc
|
#include "winlogon.h"
Go to the source code of this file.
Functions | |
PSECURITY_DESCRIPTOR | ConvertToSelfRelative (_In_ PSECURITY_DESCRIPTOR AbsoluteSd) |
Converts an absolute security descriptor to a self-relative format. | |
BOOL | CreateWinstaSecurity (_Out_ PSECURITY_DESCRIPTOR *WinstaSd) |
Creates a security descriptor for the default window station upon its creation. | |
BOOL | CreateApplicationDesktopSecurity (_Out_ PSECURITY_DESCRIPTOR *ApplicationDesktopSd) |
Creates a security descriptor for the default application desktop upon its creation. | |
BOOL | CreateWinlogonDesktopSecurity (_Out_ PSECURITY_DESCRIPTOR *WinlogonDesktopSd) |
Creates a security descriptor for the default Winlogon desktop. This descriptor serves as a security measure for the winlogon desktop so that only Winlogon itself (and admins) can interact with it. | |
BOOL | CreateScreenSaverSecurity (_Out_ PSECURITY_DESCRIPTOR *ScreenSaverDesktopSd) |
Creates a security descriptor for the screen saver desktop. | |
BOOL | AllowWinstaAccessToUser (_In_ HWINSTA WinSta, _In_ PSID LogonSid) |
Assigns access to the specific logon user to the default window station. Such access is given to the user when it has logged in. | |
BOOL | AllowDesktopAccessToUser (_In_ HDESK Desktop, _In_ PSID LogonSid) |
Assigns access to the specific logon user to the default desktop. Such access is given to the user when it has logged in. | |
BOOL | AllowAccessOnSession (_In_ PWLSESSION Session) |
Assigns both window station and desktop access to the specific session currently active on the system. | |
Variables | |
static SID_IDENTIFIER_AUTHORITY | NtAuthority = {SECURITY_NT_AUTHORITY} |
#define DESKTOP_ADMINS_LIMITED |
Definition at line 19 of file security.c.
#define DESKTOP_ALL |
Definition at line 14 of file security.c.
#define DESKTOP_INTERACTIVE_LIMITED |
Definition at line 22 of file security.c.
#define DESKTOP_WINLOGON_ADMINS_LIMITED (STANDARD_RIGHTS_REQUIRED | DESKTOP_ENUMERATE) |
Definition at line 25 of file security.c.
#define GENERIC_ACCESS |
Definition at line 35 of file security.c.
#define WINSTA_ADMINS_LIMITED (WINSTA_READATTRIBUTES | WINSTA_ENUMERATE) |
Definition at line 33 of file security.c.
#define WINSTA_ALL |
Definition at line 27 of file security.c.
BOOL AllowAccessOnSession | ( | _In_ PWLSESSION | Session | ) |
Assigns both window station and desktop access to the specific session currently active on the system.
[in] | Session | A pointer to an active session. |
Definition at line 1391 of file security.c.
Referenced by HandleLogon().
Assigns access to the specific logon user to the default desktop. Such access is given to the user when it has logged in.
[in] | Desktop | A handle to a desktop where the user is given access to it. |
[in] | LogonSid | A pointer to a logon SID that represents the logged in user in question. |
Definition at line 1165 of file security.c.
Referenced by AllowAccessOnSession().
Assigns access to the specific logon user to the default window station. Such access is given to the user when it has logged in.
[in] | WinSta | A handle to a window station where the user is given access to it. |
[in] | LogonSid | A pointer to a logon SID that represents the logged in user in question. |
Definition at line 874 of file security.c.
Referenced by AllowAccessOnSession().
PSECURITY_DESCRIPTOR ConvertToSelfRelative | ( | _In_ PSECURITY_DESCRIPTOR | AbsoluteSd | ) |
Converts an absolute security descriptor to a self-relative format.
[in] | AbsoluteSd | A pointer to an absolute security descriptor to be converted. |
Definition at line 64 of file security.c.
Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), CreateApplicationDesktopSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), and CreateWinstaSecurity().
BOOL CreateApplicationDesktopSecurity | ( | _Out_ PSECURITY_DESCRIPTOR * | ApplicationDesktopSd | ) |
Creates a security descriptor for the default application desktop upon its creation.
[out] | ApplicationDesktopSd | A pointer to a created security descriptor for the application desktop. |
Definition at line 359 of file security.c.
Referenced by CreateWindowStationAndDesktops().
BOOL CreateScreenSaverSecurity | ( | _Out_ PSECURITY_DESCRIPTOR * | ScreenSaverDesktopSd | ) |
Creates a security descriptor for the screen saver desktop.
[out] | ScreenSaverDesktopSd | A pointer to a created security descriptor for the screen-saver desktop. |
Definition at line 690 of file security.c.
Referenced by CreateWindowStationAndDesktops().
BOOL CreateWinlogonDesktopSecurity | ( | _Out_ PSECURITY_DESCRIPTOR * | WinlogonDesktopSd | ) |
Creates a security descriptor for the default Winlogon desktop. This descriptor serves as a security measure for the winlogon desktop so that only Winlogon itself (and admins) can interact with it.
[out] | WinlogonDesktopSd | A pointer to a created security descriptor for the Winlogon desktop. |
Definition at line 541 of file security.c.
Referenced by CreateWindowStationAndDesktops().
BOOL CreateWinstaSecurity | ( | _Out_ PSECURITY_DESCRIPTOR * | WinstaSd | ) |
Creates a security descriptor for the default window station upon its creation.
[out] | WinstaSd | A pointer to a created security descriptor for the window station. |
Definition at line 112 of file security.c.
Referenced by CreateWindowStationAndDesktops().
|
static |
Definition at line 40 of file security.c.
Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), CmpHiveRootSecurityDescriptor(), CreateApplicationDesktopSecurity(), CreateBaseAcls(), CreateDefaultProcessSecurityCommon(), CreateDhcpPipeSecurity(), CreateNewDefaultDacl(), CreateNlsDirectorySecurity(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), GetNtAuthorityDomainSid(), is_process_limited(), IsCallerInteractive(), IsUserAdmin(), LsapCreateAccountSd(), LsapCreatePolicySd(), LsapCreateSecretSd(), LsapCreateTokenSd(), LsapInitSids(), RtlDefaultNpAcl(), SampCreateAccountDomainSD(), SampCreateAliasSD(), SampCreateBuiltinDomainSD(), SampCreateGroupSD(), SampCreateServerSD(), SampCreateUserSD(), ScmCreateSids(), and SmpCreateSecurityDescriptors().