ReactOS 0.4.15-dev-8636-g945e856
|
Go to the source code of this file.
Classes | |
struct | _ACEFLAG |
union | _MAX_SID |
struct | WELLKNOWNSID |
struct | WELLKNOWNRID |
Macros | |
#define | ADS_RIGHT_DS_CREATE_CHILD 0x0001 |
#define | ADS_RIGHT_DS_DELETE_CHILD 0x0002 |
#define | ADS_RIGHT_ACTRL_DS_LIST 0x0004 |
#define | ADS_RIGHT_DS_SELF 0x0008 |
#define | ADS_RIGHT_DS_READ_PROP 0x0010 |
#define | ADS_RIGHT_DS_WRITE_PROP 0x0020 |
#define | ADS_RIGHT_DS_DELETE_TREE 0x0040 |
#define | ADS_RIGHT_DS_LIST_OBJECT 0x0080 |
#define | ADS_RIGHT_DS_CONTROL_ACCESS 0x0100 |
Typedefs | |
typedef struct _ACEFLAG | ACEFLAG |
typedef struct _ACEFLAG * | LPACEFLAG |
typedef struct _MAX_SID | MAX_SID |
typedef struct WELLKNOWNSID | WELLKNOWNSID |
typedef struct WELLKNOWNRID | WELLKNOWNRID |
#define ADS_RIGHT_ACTRL_DS_LIST 0x0004 |
Definition at line 155 of file security.c.
#define ADS_RIGHT_DS_CONTROL_ACCESS 0x0100 |
Definition at line 161 of file security.c.
#define ADS_RIGHT_DS_CREATE_CHILD 0x0001 |
Definition at line 153 of file security.c.
#define ADS_RIGHT_DS_DELETE_CHILD 0x0002 |
Definition at line 154 of file security.c.
#define ADS_RIGHT_DS_DELETE_TREE 0x0040 |
Definition at line 159 of file security.c.
#define ADS_RIGHT_DS_LIST_OBJECT 0x0080 |
Definition at line 160 of file security.c.
#define ADS_RIGHT_DS_READ_PROP 0x0010 |
Definition at line 157 of file security.c.
#define ADS_RIGHT_DS_SELF 0x0008 |
Definition at line 156 of file security.c.
#define ADS_RIGHT_DS_WRITE_PROP 0x0020 |
Definition at line 158 of file security.c.
typedef struct WELLKNOWNRID WELLKNOWNRID |
typedef struct WELLKNOWNSID WELLKNOWNSID |
BOOL WINAPI AccessCheck | ( | IN PSECURITY_DESCRIPTOR | pSecurityDescriptor, |
IN HANDLE | ClientToken, | ||
IN DWORD | DesiredAccess, | ||
IN PGENERIC_MAPPING | GenericMapping, | ||
OUT PPRIVILEGE_SET PrivilegeSet | OPTIONAL, | ||
IN OUT LPDWORD | PrivilegeSetLength, | ||
OUT LPDWORD | GrantedAccess, | ||
OUT LPBOOL | AccessStatus | ||
) |
Definition at line 1650 of file security.c.
Referenced by test_AccessCheck(), test_default_handle_security(), and test_FileSecurity().
BOOL WINAPI AccessCheckByType | ( | _In_ PSECURITY_DESCRIPTOR | pSecurityDescriptor, |
_In_opt_ PSID | PrincipalSelfSid, | ||
_In_ HANDLE | ClientToken, | ||
_In_ DWORD | DesiredAccess, | ||
_In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST | ObjectTypeList, | ||
_In_ DWORD | ObjectTypeListLength, | ||
_In_ PGENERIC_MAPPING | GenericMapping, | ||
_Out_writes_bytes_ *PrivilegeSetLength PPRIVILEGE_SET | PrivilegeSet, | ||
_Inout_ LPDWORD | PrivilegeSetLength, | ||
_Out_ LPDWORD | GrantedAccess, | ||
_Out_ LPBOOL | AccessStatus | ||
) |
Determines whether security access can be granted to a client that requests such access on the object type list. The access is either granted or denied for the whole object hierarchy in the list.
[in] | pSecurityDescriptor | A pointer to a security descriptor that identifies the security information of an object being accessed. This function walks through this descriptor for any ACLs and respective access rights if access can be granted. |
[in] | PrincipalSelfSid | A pointer to a principal self SID. This parameter can be NULL if the associated object being checked for access does not represent a principal. |
[in] | ClientToken | A handle to an access token, that identifies the client of which requests access to the target object. |
[in] | DesiredAccess | The access right bitmask where the client wants to acquire. This can be an OR'ed set of multiple access rights or MAXIMUM_ALLOWED to request all of possible access rights the target object allows. If only some rights were granted but not all the access is deemed as denied. |
[in] | ObjectTypeList | A pointer to a given object type list. If this parameter is not NULL the function will perform an access check against the main object and sub-objects of this list. If this parameter is NULL and ObjectTypeListLength is 0, the function will perform a normal access check instead. |
[in] | ObjectTypeListLength | The length of the object type list array, pointed by ObjectTypeList. This length in question represents the number of elements in such array. This parameter must be 0 if no array list is provided. |
[in] | GenericMapping | The generic mapping of access rights of an object type. |
[out] | PrivilegeSet | A pointer to a set of privileges that were used to perform the access check, returned to caller. This function will return no privileges (privilege count set to 0) if no privileges were used to accomplish the access check. This parameter must not be NULL! |
[in,out] | PrivilegeSetLength | The total length size of a set of privileges. This length represents the count of elements in the privilege set array. |
[out] | GrantedAccess | A pointer to granted access rights, returned to the caller. |
[out] | AccessStatus | A pointer to a boolean value that indicates whether access is granted or denied to the client that requests access to the entire hierarchy of an object type list. If ObjectTypeList is NULL, this value represents the access that is granted or denied to the target object, just like in AccessCheck. |
Definition at line 1767 of file security.c.
BOOL WINAPI AccessCheckByTypeResultList | ( | _In_ PSECURITY_DESCRIPTOR | pSecurityDescriptor, |
_In_opt_ PSID | PrincipalSelfSid, | ||
_In_ HANDLE | ClientToken, | ||
_In_ DWORD | DesiredAccess, | ||
_In_reads_(ObjectTypeListLength) POBJECT_TYPE_LIST | ObjectTypeList, | ||
_In_ DWORD | ObjectTypeListLength, | ||
_In_ PGENERIC_MAPPING | GenericMapping, | ||
_Out_writes_bytes_ *PrivilegeSetLength PPRIVILEGE_SET | PrivilegeSet, | ||
_Inout_ LPDWORD | PrivilegeSetLength, | ||
_Out_writes_(ObjectTypeListLength) LPDWORD | GrantedAccess, | ||
_Out_writes_(ObjectTypeListLength) LPBOOL | AccessStatus | ||
) |
Determines whether security access can be granted to a client that requests such access on the object type list. Unlike the AccessCheckByType variant, this function will grant or deny access to each individual object and sub-object in the list.
[in] | pSecurityDescriptor | A pointer to a security descriptor that identifies the security information of an object being accessed. This function walks through this descriptor for any ACLs and respective access rights if access can be granted. |
[in] | PrincipalSelfSid | A pointer to a principal self SID. This parameter can be NULL if the associated object being checked for access does not represent a principal. |
[in] | ClientToken | A handle to an access token, that identifies the client of which requests access to the target object. |
[in] | DesiredAccess | The access right bitmask where the client wants to acquire. This can be an OR'ed set of multiple access rights or MAXIMUM_ALLOWED to request all of possible access rights the target object allows. If only some rights were granted but not all the access is deemed as denied. |
[in] | ObjectTypeList | A pointer to a given object type list. This function will perform an access check against the main object and sub-objects of this list. This parameter must not be NULL! |
[in] | ObjectTypeListLength | The length of the object type list array, pointed by ObjectTypeList. This length in question represents the number of elements in such array. This parameter must be 0 if no array list is provided. |
[in] | GenericMapping | The generic mapping of access rights of an object type. |
[out] | PrivilegeSet | A pointer to a set of privileges that were used to perform the access check, returned to caller. This function will return no privileges (privilege count set to 0) if no privileges were used to accomplish the access check. This parameter must not be NULL! |
[in,out] | PrivilegeSetLength | The total length size of a set of privileges. This length represents the count of elements in the privilege set array. |
[out] | GrantedAccess | A pointer to granted access rights. This parameter is an array of granted rights for the object and each sub-object of an object type list. |
[out] | AccessStatus | A pointer to a boolean value that indicates whether access is granted or denied to the client that requests access to the object and sub-objects of an object type list. This parameter is an array of boolean values for the object and each individual sub-object of the list. |
Definition at line 1881 of file security.c.
Definition at line 1039 of file security.c.
Referenced by AccRewriteSetEntriesInAcl(), convert_nfs4acl_2_dacl(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), GetShellSecurityDescriptor(), test_AccessCheck(), test_AddMandatoryAce(), test_GetExplicitEntriesFromAclW(), test_process_security(), test_SetEntriesInAclA(), and test_SetEntriesInAclW().
BOOL WINAPI AddAccessAllowedAceEx | ( | PACL | pAcl, |
DWORD | dwAceRevision, | ||
DWORD | AceFlags, | ||
DWORD | AccessMask, | ||
PSID | pSid | ||
) |
Definition at line 1063 of file security.c.
Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), CreateApplicationDesktopSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), get_sd(), and GetShellSecurityDescriptor().
Definition at line 1090 of file security.c.
Referenced by AccRewriteSetEntriesInAcl(), convert_nfs4acl_2_dacl(), GetShellSecurityDescriptor(), test_AccessCheck(), and test_process_security().
BOOL WINAPI AddAccessDeniedAceEx | ( | PACL | pAcl, |
DWORD | dwAceRevision, | ||
DWORD | AceFlags, | ||
DWORD | AccessMask, | ||
PSID | pSid | ||
) |
Definition at line 1114 of file security.c.
Referenced by GetShellSecurityDescriptor().
BOOL WINAPI AddAce | ( | PACL | pAcl, |
DWORD | dwAceRevision, | ||
DWORD | dwStartingAceIndex, | ||
LPVOID | pAceList, | ||
DWORD | nAceListLength | ||
) |
Definition at line 1141 of file security.c.
Referenced by test_AddAce().
BOOL WINAPI AddAuditAccessAce | ( | PACL | pAcl, |
DWORD | dwAceRevision, | ||
DWORD | dwAccessMask, | ||
PSID | pSid, | ||
BOOL | bAuditSuccess, | ||
BOOL | bAuditFailure | ||
) |
Definition at line 1951 of file security.c.
BOOL WINAPI AddAuditAccessAceEx | ( | PACL | pAcl, |
DWORD | dwAceRevision, | ||
DWORD | AceFlags, | ||
DWORD | dwAccessMask, | ||
PSID | pSid, | ||
BOOL | bAuditSuccess, | ||
BOOL | bAuditFailure | ||
) |
Definition at line 1979 of file security.c.
BOOL WINAPI AdjustTokenGroups | ( | HANDLE | TokenHandle, |
BOOL | ResetToDefault, | ||
PTOKEN_GROUPS | NewState, | ||
DWORD | BufferLength, | ||
PTOKEN_GROUPS | PreviousState, | ||
PDWORD | ReturnLength | ||
) |
Definition at line 346 of file security.c.
BOOL WINAPI AdjustTokenPrivileges | ( | HANDLE | TokenHandle, |
BOOL | DisableAllPrivileges, | ||
PTOKEN_PRIVILEGES | NewState, | ||
DWORD | BufferLength, | ||
PTOKEN_PRIVILEGES | PreviousState, | ||
PDWORD | ReturnLength | ||
) |
Definition at line 374 of file security.c.
Referenced by AcquireRemoveRestorePrivilege(), AddDeviceW(), DisablePrivilege(), DisableTokenPrivileges(), EnablePrivilege(), EnableProcessPrivileges(), enableTokenPrivilege(), CShellCommandSACL::Execute(), FormatEx2(), InstallReactOS(), named_pipe_client_func(), PauseBalanceW(), Privilege(), pSetupEnablePrivilege(), RecvSubvolGUIW(), RecvSubvolW(), RemoveDeviceW(), ResetStatsW(), ResizeDeviceW(), ScmEnableBackupRestorePrivileges(), SendSubvolGUIW(), SendSubvolW(), set_privileges(), SetDriverLoadPrivilege(), SetPrivilege(), SHInvokePrivilegedFunctionW(), ShowScrubW(), ShutdownSystem(), StartBalanceW(), StartScrubW(), StopBalanceW(), StopScrubW(), SystemSetLocalTime(), SystemSetTime(), test8(), test_AdjustTokenPrivileges(), test_SetFileValidData(), test_system_security_access(), UpdateDriver(), WinMain(), and wWinMain().
Definition at line 273 of file security.c.
Referenced by ComputeStringSidSize(), and ParseStringSidToSid().
Definition at line 251 of file security.c.
BOOL WINAPI AllocateAndInitializeSid | ( | PSID_IDENTIFIER_AUTHORITY | pIdentifierAuthority, |
BYTE | nSubAuthorityCount, | ||
DWORD | nSubAuthority0, | ||
DWORD | nSubAuthority1, | ||
DWORD | nSubAuthority2, | ||
DWORD | nSubAuthority3, | ||
DWORD | nSubAuthority4, | ||
DWORD | nSubAuthority5, | ||
DWORD | nSubAuthority6, | ||
DWORD | nSubAuthority7, | ||
PSID * | pSid | ||
) |
Definition at line 674 of file security.c.
Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), check_wellknown_name(), CheckForGuestsAndAdmins(), CreateApplicationDesktopSecurity(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreateLogoffSecurityAttributes(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), GetShellSecurityDescriptor(), Imm32IsInteractiveUserLogon(), is_process_limited(), is_token_admin(), IsCallerInteractive(), IsInteractiveUserLogon(), IsNTAdmin(), IsUserAdmin(), PerfDataInitialize(), pSetupIsUserAdmin(), SHTestTokenMembership(), START_TEST(), test_AccessCheck(), test_AddMandatoryAce(), test_CreateWellKnownSid(), test_EqualSid(), test_GetExplicitEntriesFromAclW(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_LookupAccountSid(), test_process_security(), test_reg_create_key(), test_reg_open_key(), test_SetEntriesInAclA(), test_SetEntriesInAclW(), test_sid(), and test_trustee().
Definition at line 1218 of file security.c.
Referenced by CookupNodeId(), LogonUserExW(), MyLogonUser(), and wined3d_adapter_init().
Definition at line 2532 of file security.c.
Definition at line 2544 of file security.c.
VOID WINAPI BuildExplicitAccessWithNameA | ( | PEXPLICIT_ACCESSA | pExplicitAccess, |
LPSTR | pTrusteeName, | ||
DWORD | AccessPermissions, | ||
ACCESS_MODE | AccessMode, | ||
DWORD | Inheritance | ||
) |
Definition at line 2130 of file security.c.
VOID WINAPI BuildExplicitAccessWithNameW | ( | PEXPLICIT_ACCESSW | pExplicitAccess, |
LPWSTR | pTrusteeName, | ||
DWORD | AccessPermissions, | ||
ACCESS_MODE | AccessMode, | ||
DWORD | Inheritance | ||
) |
Definition at line 2152 of file security.c.
VOID WINAPI BuildTrusteeWithNameA | ( | PTRUSTEE_A | pTrustee, |
LPSTR | name | ||
) |
Definition at line 2375 of file security.c.
VOID WINAPI BuildTrusteeWithNameW | ( | PTRUSTEE_W | pTrustee, |
LPWSTR | name | ||
) |
Definition at line 2391 of file security.c.
VOID WINAPI BuildTrusteeWithObjectsAndNameA | ( | PTRUSTEEA | pTrustee, |
POBJECTS_AND_NAME_A | pObjName, | ||
SE_OBJECT_TYPE | ObjectType, | ||
LPSTR | ObjectTypeName, | ||
LPSTR | InheritedObjectTypeName, | ||
LPSTR | Name | ||
) |
Definition at line 2172 of file security.c.
VOID WINAPI BuildTrusteeWithObjectsAndNameW | ( | PTRUSTEEW | pTrustee, |
POBJECTS_AND_NAME_W | pObjName, | ||
SE_OBJECT_TYPE | ObjectType, | ||
LPWSTR | ObjectTypeName, | ||
LPWSTR | InheritedObjectTypeName, | ||
LPWSTR | Name | ||
) |
Definition at line 2208 of file security.c.
VOID WINAPI BuildTrusteeWithObjectsAndSidA | ( | PTRUSTEEA | pTrustee, |
POBJECTS_AND_SID | pObjSid, | ||
GUID * | pObjectGuid, | ||
GUID * | pInheritedObjectGuid, | ||
PSID | pSid | ||
) |
Definition at line 2245 of file security.c.
VOID WINAPI BuildTrusteeWithObjectsAndSidW | ( | PTRUSTEEW | pTrustee, |
POBJECTS_AND_SID | pObjSid, | ||
GUID * | pObjectGuid, | ||
GUID * | pInheritedObjectGuid, | ||
PSID | pSid | ||
) |
Definition at line 2294 of file security.c.
VOID WINAPI BuildTrusteeWithSidA | ( | PTRUSTEE_A | pTrustee, |
PSID | pSid | ||
) |
Definition at line 2342 of file security.c.
VOID WINAPI BuildTrusteeWithSidW | ( | PTRUSTEE_W | pTrustee, |
PSID | pSid | ||
) |
Definition at line 2359 of file security.c.
Definition at line 3934 of file security.c.
Referenced by ParseStringSidToSid().
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA | ( | PSECURITY_DESCRIPTOR | SecurityDescriptor, |
DWORD | SDRevision, | ||
SECURITY_INFORMATION | Information, | ||
LPSTR * | OutputString, | ||
PULONG | OutputLen | ||
) |
Definition at line 3499 of file security.c.
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW | ( | PSECURITY_DESCRIPTOR | SecurityDescriptor, |
DWORD | SDRevision, | ||
SECURITY_INFORMATION | RequestedInformation, | ||
LPWSTR * | OutputString, | ||
PULONG | OutputLen | ||
) |
Definition at line 3435 of file security.c.
Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorA().
Definition at line 3637 of file security.c.
Referenced by debugstr_sid(), get_user_sid(), map_name_2_sid(), test_CreateWellKnownSid(), test_LookupAccountSid(), test_lsa(), test_sid(), test_sid_str(), test_token_attr(), and test_token_label().
Definition at line 3583 of file security.c.
Referenced by _GetUserSidStringFromToken(), AddUserProfiles(), ConvertSidToStringSidA(), CreateUserProfileExW(), get_user_sid(), GetEventUserName(), GetPrincipalDisplayString(), RecycleBin5::Init(), LsapGetDomainInfo(), LsapLookupAccountDomainSids(), LsapLookupBuiltinDomainSids(), LsapLookupWellKnownSids(), MsiSourceListAddSourceW(), SampAddMemberToAlias(), SampRemoveMemberFromAlias(), SampRemoveMemberFromAllAliases(), SampSetupAddMemberToAlias(), set_user_sid_prop(), START_TEST(), UpdatePrincipalInfo(), WhoamiGroups(), WhoamiLogonId(), and WhoamiUser().
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA | ( | LPCSTR | StringSecurityDescriptor, |
DWORD | StringSDRevision, | ||
PSECURITY_DESCRIPTOR * | SecurityDescriptor, | ||
PULONG | SecurityDescriptorSize | ||
) |
Definition at line 3032 of file security.c.
Referenced by test_profile_directory_readonly().
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW | ( | LPCWSTR | StringSecurityDescriptor, |
DWORD | StringSDRevision, | ||
PSECURITY_DESCRIPTOR * | SecurityDescriptor, | ||
PULONG | SecurityDescriptorSize | ||
) |
Definition at line 3062 of file security.c.
Referenced by ConvertStringSecurityDescriptorToSecurityDescriptorA(), InstallOneService(), registry_callback(), and SetupQueueCopyIndirectW().
Definition at line 3560 of file security.c.
Referenced by test_LsaLookupSids().
Definition at line 3536 of file security.c.
Referenced by ConvertStringSidToSidA(), and fill_sid().
Definition at line 712 of file security.c.
Referenced by AccpLookupSidByName(), AccRewriteGetExplicitEntriesFromAcl(), AddPrincipalToList(), AuthzGetInformationFromContext(), AuthzInitializeContextFromSid(), BuildDefaultPrincipalAce(), CachedGetUserFromSid(), CacheLookupResults(), GetUserSid(), LookupAccountNameW(), QueueSidLookup(), ReloadPrincipalsList(), and test_LookupAccountSid().
BOOL WINAPI CreateProcessWithLogonW | ( | _In_ LPCWSTR | lpUsername, |
_In_opt_ LPCWSTR | lpDomain, | ||
_In_ LPCWSTR | lpPassword, | ||
_In_ DWORD | dwLogonFlags, | ||
_In_opt_ LPCWSTR | lpApplicationName, | ||
_Inout_opt_ LPWSTR | lpCommandLine, | ||
_In_ DWORD | dwCreationFlags, | ||
_In_opt_ LPVOID | lpEnvironment, | ||
_In_opt_ LPCWSTR | lpCurrentDirectory, | ||
_In_ LPSTARTUPINFOW | lpStartupInfo, | ||
_Out_ LPPROCESS_INFORMATION | lpProcessInformation | ||
) |
Definition at line 3728 of file security.c.
Referenced by wmain().
BOOL WINAPI CreateProcessWithTokenW | ( | HANDLE | token, |
DWORD | logon_flags, | ||
LPCWSTR | application_name, | ||
LPWSTR | command_line, | ||
DWORD | creation_flags, | ||
void * | environment, | ||
LPCWSTR | current_directory, | ||
STARTUPINFOW * | startup_info, | ||
PROCESS_INFORMATION * | process_information | ||
) |
Definition at line 3841 of file security.c.
BOOL WINAPI CreateRestrictedToken | ( | _In_ HANDLE | ExistingTokenHandle, |
_In_ DWORD | Flags, | ||
_In_ DWORD | DisableSidCount, | ||
_In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES | SidsToDisable, | ||
_In_ DWORD | DeletePrivilegeCount, | ||
_In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES | PrivilegesToDelete, | ||
_In_ DWORD | RestrictedSidCount, | ||
_In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES | SidsToRestrict, | ||
_Outptr_ PHANDLE | NewTokenHandle | ||
) |
Creates a filtered token that is a restricted one of the regular access token. A restricted token can have disabled SIDs, deleted privileges and/or restricted SIDs added.
[in] | ExistingTokenHandle | An existing handle to a token where it's to be filtered. |
[in] | Flags | Privilege flag options. This parameter argument influences how the token is filtered. Such parameter can be 0. |
[in] | DisableSidCount | The count number of SIDs to disable. |
[in] | SidsToDisable | An array list with SIDs that have to be disabled in a token. |
[in] | DeletePrivilegeCount | The count number of privileges to be deleted. |
[in] | PrivilegesToDelete | An array list with privileges that have to be deleted in a token. |
[in] | RestrictedSidCount | The count number of restricted SIDs. |
[in] | SidsToRestrict | An array list with restricted SIDs to be added into the token. If the token already has restricted SIDs then the array provided by the caller is redundant information alongside with the existing restricted SIDs in the token. |
[out] | NewTokenHandle | The newly received handle to a restricted (filtered) token. The caller can use such handle to duplicate a new token. |
Definition at line 533 of file security.c.
Referenced by test_token_security_descriptor().
BOOL WINAPI CreateWellKnownSid | ( | IN WELL_KNOWN_SID_TYPE | WellKnownSidType, |
IN PSID DomainSid | OPTIONAL, | ||
OUT PSID | pSid, | ||
IN OUT DWORD * | cbSid | ||
) |
Definition at line 722 of file security.c.
Referenced by create_unknownsid(), get_sd(), test_SystemSecurity(), and well_known_sid().
Definition at line 174 of file security.c.
Referenced by check_wellknown_name(), CreateWellKnownSid(), IsWellKnownSid(), test_EqualSid(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_GetWindowsAccountDomainSid(), test_group_equal(), test_inherited_dacl(), test_owner_equal(), and test_TokenIntegrityLevel().
Definition at line 1166 of file security.c.
Definition at line 3260 of file security.c.
Referenced by DumpAcl().
|
static |
Definition at line 3319 of file security.c.
Referenced by DumpDacl(), and DumpSacl().
|
static |
Definition at line 3386 of file security.c.
Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().
|
static |
Definition at line 3368 of file security.c.
Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().
|
static |
Definition at line 3350 of file security.c.
Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().
Definition at line 3221 of file security.c.
Referenced by DumpAce().
|
static |
Definition at line 3409 of file security.c.
Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().
Definition at line 3171 of file security.c.
Referenced by DumpAce(), DumpGroup(), and DumpOwner().
Definition at line 3132 of file security.c.
Referenced by DumpSid().
Definition at line 3117 of file security.c.
Referenced by DumpAce(), DumpAcl(), DumpDacl(), DumpGroup(), DumpOwner(), DumpRights(), DumpSacl(), DumpSid(), and DumpSidNumeric().
BOOL WINAPI DuplicateToken | ( | IN HANDLE | ExistingTokenHandle, |
IN SECURITY_IMPERSONATION_LEVEL | ImpersonationLevel, | ||
OUT PHANDLE | DuplicateTokenHandle | ||
) |
Definition at line 3919 of file security.c.
Referenced by GetDuplicateToken(), test_AccessCheck(), test_CheckTokenMembership(), test_impersonation_level(), test_kernel_objects_security(), and test_token_attr().
BOOL WINAPI DuplicateTokenEx | ( | IN HANDLE | ExistingTokenHandle, |
IN DWORD | dwDesiredAccess, | ||
IN LPSECURITY_ATTRIBUTES lpTokenAttributes | OPTIONAL, | ||
IN SECURITY_IMPERSONATION_LEVEL | ImpersonationLevel, | ||
IN TOKEN_TYPE | TokenType, | ||
OUT PHANDLE | DuplicateTokenHandle | ||
) |
Definition at line 3859 of file security.c.
Referenced by CheckTokenMembership(), DuplicateToken(), LaunchProcess(), START_TEST(), test_CreateRestrictedToken(), test_token_security_descriptor(), and WlxStartApplication().
Definition at line 4184 of file security.c.
Definition at line 841 of file security.c.
Referenced by test_process_security().
Definition at line 829 of file security.c.
Referenced by _test_group(), CachedGetUserFromSid(), check_wellknown_name(), CheckForGuestsAndAdmins(), DequeueSidLookup(), DumpSid(), FindSidInCache(), FindSidInPrincipalsListAddAce(), GetEventUserName(), is_token_admin(), IsNTAdmin(), IsWellKnownSid(), LsapSetTokenOwner(), map_nfs4ace_who(), PrintSid(), QueueSidLookup(), RunningAsSYSTEM(), test_AddMandatoryAce(), test_child_token_sd(), test_child_token_sd_medium(), test_child_token_sd_restricted(), test_CreateRestrictedToken(), test_default_dacl_owner_sid(), test_EqualSid(), test_GetExplicitEntriesFromAclW(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_GetWindowsAccountDomainSid(), test_group_equal(), test_inherited_dacl(), test_owner_equal(), test_SystemSecurity(), test_token_label(), test_token_security_descriptor(), test_TokenIntegrityLevel(), and UpdatePrincipalInfo().
Definition at line 1176 of file security.c.
Definition at line 698 of file security.c.
Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), check_wellknown_name(), CheckForGuestsAndAdmins(), CreateApplicationDesktopSecurity(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), GetShellSecurityDescriptor(), Imm32IsInteractiveUserLogon(), is_process_limited(), is_token_admin(), IsCallerInteractive(), IsInteractiveUserLogon(), IsNTAdmin(), IsUserAdmin(), PerfDataUninitialize(), pSetupIsUserAdmin(), SHTestTokenMembership(), START_TEST(), test_AccessCheck(), test_AddMandatoryAce(), test_CreateWellKnownSid(), test_EqualSid(), test_GetExplicitEntriesFromAclW(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_LookupAccountSid(), test_LsaLookupSids(), test_process_security(), test_reg_create_key(), test_reg_open_key(), test_SetEntriesInAclA(), test_SetEntriesInAclW(), test_sid(), and test_trustee().
Definition at line 1186 of file security.c.
Referenced by AccRewriteGetExplicitEntriesFromAcl(), AccRewriteSetEntriesInAcl(), DumpAcl(), CSecurityDescriptor::GetDACLEntry(), CSecurityDescriptor::GetSACLEntry(), map_dacl_2_nfs4acl(), PrintFileDacl(), ReloadPrincipalsList(), and test_GetShellSecurityDescriptor().
BOOL WINAPI GetAclInformation | ( | PACL | pAcl, |
LPVOID | pAclInformation, | ||
DWORD | nAclInformationLength, | ||
ACL_INFORMATION_CLASS | dwAclInformationClass | ||
) |
Definition at line 1194 of file security.c.
Referenced by AccRewriteSetEntriesInAcl(), CSecurityDescriptor::GetDACLEntriesCount(), CSecurityDescriptor::GetSACLEntriesCount(), and test_GetShellSecurityDescriptor().
Definition at line 3702 of file security.c.
Referenced by CreateProcessWithLogonW().
BOOL WINAPI GetFileSecurityA | ( | LPCSTR | lpFileName, |
SECURITY_INFORMATION | RequestedInformation, | ||
PSECURITY_DESCRIPTOR | pSecurityDescriptor, | ||
DWORD | nLength, | ||
LPDWORD | lpnLengthNeeded | ||
) |
Definition at line 1373 of file security.c.
Referenced by test_FileSecurity().
BOOL WINAPI GetFileSecurityW | ( | LPCWSTR | lpFileName, |
SECURITY_INFORMATION | RequestedInformation, | ||
PSECURITY_DESCRIPTOR | pSecurityDescriptor, | ||
DWORD | nLength, | ||
LPDWORD | lpnLengthNeeded | ||
) |
Definition at line 1404 of file security.c.
Referenced by GetFileSecurityA(), and RetreiveFileSecurity().
BOOL WINAPI GetKernelObjectSecurity | ( | HANDLE | Handle, |
SECURITY_INFORMATION | RequestedInformation, | ||
PSECURITY_DESCRIPTOR | pSecurityDescriptor, | ||
DWORD | nLength, | ||
LPDWORD | lpnLengthNeeded | ||
) |
Definition at line 987 of file security.c.
Referenced by test_AddMandatoryAce(), test_child_token_sd(), test_child_token_sd_medium(), test_child_token_sd_restricted(), test_default_dacl_owner_sid(), test_get_security_descriptor(), test_token_label(), and test_token_security_descriptor().
Definition at line 919 of file security.c.
Referenced by AccpCalcNeededAceSize(), AccpLookupCurrentUser(), AccpLookupSidByName(), AccRewriteGetExplicitEntriesFromAcl(), AddPrincipalToList(), AllowAccessOnSession(), AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), AuthzGetInformationFromContext(), AuthzInitializeContextFromSid(), AuthzpQueryToken(), BuildDefaultPrincipalAce(), CachedGetUserFromSid(), CacheLookupResults(), CreateApplicationDesktopSecurity(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), CreateScreenSaverSecurity(), CreateUserProfileExW(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), fill_sid(), GetShellSecurityDescriptor(), GetUserSid(), LsarpCreateAccount(), QueueSidLookup(), ReloadPrincipalsList(), and test_LookupAccountName().
DWORD WINAPI GetNamedSecurityInfoA | ( | LPSTR | pObjectName, |
SE_OBJECT_TYPE | ObjectType, | ||
SECURITY_INFORMATION | SecurityInfo, | ||
PSID * | ppsidOwner, | ||
PSID * | ppsidGroup, | ||
PACL * | ppDacl, | ||
PACL * | ppSacl, | ||
PSECURITY_DESCRIPTOR * | ppSecurityDescriptor | ||
) |
Definition at line 4102 of file security.c.
DWORD WINAPI GetSecurityInfoExA | ( | HANDLE | hObject, |
SE_OBJECT_TYPE | ObjectType, | ||
SECURITY_INFORMATION | SecurityInfo, | ||
LPCSTR | lpProvider, | ||
LPCSTR | lpProperty, | ||
PACTRL_ACCESSA * | ppAccessList, | ||
PACTRL_AUDITA * | ppAuditList, | ||
LPSTR * | lppOwner, | ||
LPSTR * | lppGroup | ||
) |
Definition at line 2092 of file security.c.
DWORD WINAPI GetSecurityInfoExW | ( | HANDLE | hObject, |
SE_OBJECT_TYPE | ObjectType, | ||
SECURITY_INFORMATION | SecurityInfo, | ||
LPCWSTR | lpProvider, | ||
LPCWSTR | lpProperty, | ||
PACTRL_ACCESSW * | ppAccessList, | ||
PACTRL_AUDITW * | ppAuditList, | ||
LPWSTR * | lppOwner, | ||
LPWSTR * | lppGroup | ||
) |
Definition at line 2112 of file security.c.
PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority | ( | PSID | pSid | ) |
Definition at line 885 of file security.c.
Referenced by GetTextSid(), GetTextualSid(), and test_GetSidIdentifierAuthority().
Definition at line 852 of file security.c.
Referenced by ComputeStringSidSize(), CreateWellKnownSid(), GetWindowsAccountDomainSid(), LookupAccountNameW(), ParseStringSidToSid(), test_CreateWellKnownSid(), test_GetWindowsAccountDomainSid(), and test_LookupAccountSid().
Definition at line 896 of file security.c.
Referenced by CreateWellKnownSid(), GetTextSid(), GetTextualSid(), GetWindowsAccountDomainSid(), LookupAccountNameW(), test_GetSecurityInfo(), test_GetWindowsAccountDomainSid(), and test_sid().
Definition at line 908 of file security.c.
Referenced by ComputeStringSidSize(), CreateWellKnownSid(), GetTextSid(), GetTextualSid(), GetWindowsAccountDomainSid(), LookupAccountNameW(), test_CreateWellKnownSid(), and test_LookupAccountSid().
BOOL WINAPI GetTokenInformation | ( | HANDLE | TokenHandle, |
TOKEN_INFORMATION_CLASS | TokenInformationClass, | ||
LPVOID | TokenInformation, | ||
DWORD | TokenInformationLength, | ||
PDWORD | ReturnLength | ||
) |
Definition at line 411 of file security.c.
Referenced by _GetUserSidStringFromToken(), AccpLookupCurrentUser(), AddUserProfiles(), AllowAccessOnSession(), are_all_privileges_disabled(), AuthzpQueryToken(), CheckForGuestsAndAdmins(), CreateProfile(), DoesUserHavePrivilege(), DwInitializeSdFromThreadToken(), get_admin_token(), get_current_group(), get_current_owner(), get_privilege_count(), get_user_sid(), GetFromToken(), GetShellSecurityDescriptor(), GetUserAndDomainName(), GetUserNameW(), GetUserSid(), GetUserSIDString(), GetUserToken(), ImpersonatePrinterClient(), RecycleBin5::Init(), is_process_elevated(), is_process_limited(), is_token_admin(), IsNTAdmin(), LoadUserProfileW(), named_pipe_client_func(), PerfDataRefresh(), RunningAsSYSTEM(), SHCreateSessionKey(), SHGetUserSessionId(), SHTestTokenPrivilegeW(), START_TEST(), TakeOwnershipOfFile(), test_CheckTokenMembership(), test_child_token_sd_medium(), test_child_token_sd_restricted(), test_CreateDirectoryA(), test_CreateRestrictedToken(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_GetTokenInformation(), test_GetWindowsAccountDomainSid(), test_ImpersonateNamedPipeClient(), test_impersonation_level(), test_LookupAccountSid(), test_lsa(), test_LsaLookupSids(), test_process_security(), test_pseudo_tokens(), test_token_attr(), test_token_security_descriptor(), test_TokenIntegrityLevel(), TestGetUserObjectInfoW(), validate_impersonation_token(), and WhoamiGetTokenInfo().
TRUSTEE_FORM WINAPI GetTrusteeFormA | ( | PTRUSTEEA | pTrustee | ) |
Definition at line 2406 of file security.c.
Referenced by InternalExplicitAccessAToW(), and InternalTrusteeAToW().
TRUSTEE_FORM WINAPI GetTrusteeFormW | ( | PTRUSTEEW | pTrustee | ) |
Definition at line 2419 of file security.c.
LPSTR WINAPI GetTrusteeNameA | ( | PTRUSTEE_A | pTrustee | ) |
Definition at line 2433 of file security.c.
Referenced by InternalExplicitAccessAToW(), and InternalTrusteeAToW().
LPWSTR WINAPI GetTrusteeNameW | ( | PTRUSTEE_W | pTrustee | ) |
Definition at line 2443 of file security.c.
TRUSTEE_TYPE WINAPI GetTrusteeTypeA | ( | PTRUSTEE_A | pTrustee | ) |
Definition at line 2452 of file security.c.
TRUSTEE_TYPE WINAPI GetTrusteeTypeW | ( | PTRUSTEE_W | pTrustee | ) |
Definition at line 2461 of file security.c.
Definition at line 3679 of file security.c.
Referenced by CreateProcessWithLogonW().
Definition at line 4136 of file security.c.
Definition at line 1024 of file security.c.
Referenced by rpcrt4_conn_np_impersonate_client(), and test_ImpersonateNamedPipeClient().
BOOL WINAPI ImpersonateSelf | ( | SECURITY_IMPERSONATION_LEVEL | ImpersonationLevel | ) |
Definition at line 1631 of file security.c.
Referenced by test_FileSecurity(), and test_impersonation_level().
Definition at line 1006 of file security.c.
Referenced by AccRewriteSetEntriesInAcl(), AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), convert_nfs4acl_2_dacl(), CreateApplicationDesktopSecurity(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), get_sd(), GetShellSecurityDescriptor(), test_AccessCheck(), test_acls(), test_AddAce(), test_AddMandatoryAce(), test_ConvertSecurityDescriptorToString(), test_CreateDirectoryA(), test_event(), test_GetExplicitEntriesFromAclW(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_maximum_allowed(), test_process_security(), test_SetEntriesInAclA(), test_SetEntriesInAclW(), and test_token_security_descriptor().
BOOL WINAPI InitializeSecurityDescriptor | ( | PSECURITY_DESCRIPTOR | pSecurityDescriptor, |
DWORD | dwRevision | ||
) |
Definition at line 929 of file security.c.
Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), CreateAllAccessSecurityAttributes(), CreateApplicationDesktopSecurity(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreateLogoffSecurityAttributes(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), CreateProfileMutex(), CreatePublicEvent(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), DwInitializeSdFromThreadToken(), get_sd(), GetShellSecurityDescriptor(), handle_getacl(), InitializeAudioDeviceListLock(), pSetSecurityInfoCheck(), START_TEST(), TakeOwnershipOfFile(), test_AccessCheck(), test_AddMandatoryAce(), test_BuildSecurityDescriptorW(), test_ConvertSecurityDescriptorToString(), test_CopyBindInfo(), test_CreateDirectoryA(), test_default_dacl_owner_sid(), test_event(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_maximum_allowed(), test_process_security(), test_reg_create_key(), test_reg_open_key(), test_security_descriptor(), test_security_info(), and test_token_security_descriptor().
BOOL WINAPI InitializeSid | ( | PSID | Sid, |
PSID_IDENTIFIER_AUTHORITY | pIdentifierAuthority, | ||
BYTE | nSubAuthorityCount | ||
) |
Definition at line 862 of file security.c.
Referenced by GetWindowsAccountDomainSid(), and test_GetWindowsAccountDomainSid().
Definition at line 1209 of file security.c.
Referenced by DumpAcl(), CSecurityDescriptor::HasValidDACL(), CSecurityDescriptor::HasValidSACL(), test_acls(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), and test_GetShellSecurityDescriptor().
Definition at line 819 of file security.c.
Referenced by AuthzInitializeContextFromSid(), CreateWellKnownSid(), DumpSidNumeric(), CShellCommandDACL::Execute(), CShellCommandOwner::Execute(), CShellCommandSACL::Execute(), GetEventUserName(), GetTextualSid(), GetWindowsAccountDomainSid(), map_name_2_sid(), test_CreateWellKnownSid(), and test_GetSidIdentifierAuthority().
Definition at line 796 of file security.c.
Referenced by is_well_known_sid(), and test_token_attr().
BOOL WINAPI LookupAccountNameA | ( | LPCSTR | SystemName, |
LPCSTR | AccountName, | ||
PSID | Sid, | ||
LPDWORD | SidLength, | ||
LPSTR | ReferencedDomainName, | ||
LPDWORD | hReferencedDomainNameLength, | ||
PSID_NAME_USE | SidNameUse | ||
) |
Definition at line 2012 of file security.c.
Referenced by check_wellknown_name(), and test_LookupAccountName().
BOOL WINAPI LookupPrivilegeDisplayNameA | ( | LPCSTR | lpSystemName, |
LPCSTR | lpName, | ||
LPSTR | lpDisplayName, | ||
LPDWORD | cchDisplayName, | ||
LPDWORD | lpLanguageId | ||
) |
Definition at line 1239 of file security.c.