155 #define ADS_RIGHT_DS_CREATE_CHILD 0x0001 156 #define ADS_RIGHT_DS_DELETE_CHILD 0x0002 157 #define ADS_RIGHT_ACTRL_DS_LIST 0x0004 158 #define ADS_RIGHT_DS_SELF 0x0008 159 #define ADS_RIGHT_DS_READ_PROP 0x0010 160 #define ADS_RIGHT_DS_WRITE_PROP 0x0020 161 #define ADS_RIGHT_DS_DELETE_TREE 0x0040 162 #define ADS_RIGHT_DS_LIST_OBJECT 0x0080 163 #define ADS_RIGHT_DS_CONTROL_ACCESS 0x0100 259 if (!ServerName || !ServerName[0])
264 if (
Result && (ServerName[0] ==
'\\') && (ServerName[1] ==
'\\'))
282 DWORD SubAuthority[4];
286 memcpy(
sid, &computer_sid,
sizeof(computer_sid) );
309 ERR(
"NtOpenProcessToken failed! Status %08x.\n",
Status);
377 BOOL DisableAllPrivileges,
386 DisableAllPrivileges,
519 FIXME(
"(%p, 0x%x, %u, %p, %u, %p, %u, %p, %p): stub\n",
520 baseToken,
flags, nDisableSids, disableSids,
521 nDeletePrivs, deletePrivs,
522 nRestrictSids, restrictSids,
554 BYTE nSubAuthorityCount,
562 pIdentifierAuthority, nSubAuthorityCount,
563 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
564 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
648 if (*
cbSid < output_sid_length)
650 *
cbSid = output_sid_length;
662 *
cbSid = output_sid_length;
743 BYTE nSubAuthorityCount)
748 pIdentifierAuthority,
831 LPDWORD lpdwAbsoluteSecurityDescriptorSize,
844 pAbsoluteSecurityDescriptor,
845 lpdwAbsoluteSecurityDescriptorSize,
853 lpdwPrimaryGroupSize);
873 TRACE(
"(%p,0x%08x,%p,0x%08x,%p)\n",
Handle, RequestedInformation,
874 pSecurityDescriptor,
nLength, lpnLengthNeeded);
907 TRACE(
"(%p)\n", hNamedPipe);
1022 DWORD dwStartingAceIndex,
1024 DWORD nAceListLength)
1076 DWORD nAclInformationLength,
1080 nAclInformationLength, dwAclInformationClass));
1268 RequestedInformation,
1269 pSecurityDescriptor,
1296 TRACE(
"GetFileSecurityW() called\n");
1305 ERR(
"Invalid path\n");
1329 ERR(
"NtOpenFile() failed (Status %lx)\n",
Status);
1335 RequestedInformation,
1336 pSecurityDescriptor,
1342 ERR(
"NtQuerySecurityObject() failed (Status %lx)\n",
Status);
1373 pSecurityDescriptor);
1399 TRACE(
"SetFileSecurityW() called\n");
1408 ERR(
"Invalid path\n");
1432 ERR(
"NtOpenFile() failed (Status %lx)\n",
Status);
1439 pSecurityDescriptor);
1444 ERR(
"NtSetSecurityObject() failed (Status %lx)\n",
Status);
1478 FIXME(
"(0x%08x,0x%08x,0x%08x,0x%08x):stub\n",
x1,
x2,x3,x4);
1547 (
PULONG)PrivilegeSetLength,
1581 PSID PrincipalSelfSid,
1585 DWORD ObjectTypeListLength,
1693 LPDWORD hReferencedDomainNameLength,
1707 *hReferencedDomainNameLength *
sizeof(
WCHAR));
1713 lpReferencedDomainNameW,
1714 hReferencedDomainNameLength,
1717 if (
ret && lpReferencedDomainNameW)
1721 lpReferencedDomainNameW,
1722 *hReferencedDomainNameLength + 1,
1724 *hReferencedDomainNameLength + 1,
1808 DWORD AccessPermissions,
1830 DWORD AccessPermissions,
1852 DWORD ObjectsPresent = 0;
1888 DWORD ObjectsPresent = 0;
1927 DWORD ObjectsPresent = 0;
1976 DWORD ObjectsPresent = 0;
2084 TRACE(
"(%p)\n", pTrustee);
2097 TRACE(
"(%p)\n", pTrustee);
2149 DWORD nAclInformationLength,
2156 nAclInformationLength,
2157 dwAclInformationClass);
2235 while (*szAcl && *szAcl !=
'(')
2241 else if (*szAcl ==
'A')
2246 else if (*szAcl ==
'I')
2281 while (*szAcl ==
' ')
2284 while (lpaf->
wstr &&
2292 *StringAcl = szAcl +
len;
2318 while (*szAcl ==
' ')
2321 while (*szAcl !=
';')
2325 while (lpaf->
wstr &&
2389 while (*szAcl ==
' ')
2392 if ((*szAcl ==
'0') && (*(szAcl + 1) ==
'x'))
2396 while (*
p && *
p !=
';')
2399 if (
p - szAcl <= 10 )
2409 while (*szAcl !=
';')
2413 while (lpaf->
wstr &&
2423 rights |= lpaf->
value;
2461 while (*StringAcl ==
'(')
2469 if (*StringAcl !=
';')
2480 if (*StringAcl !=
';')
2488 if (*StringAcl !=
';')
2493 while (*StringAcl ==
' ')
2495 if (*StringAcl !=
';')
2497 FIXME(
"Support for *_OBJECT_ACE_TYPE not implemented\n");
2503 while (*StringAcl ==
' ')
2505 if (*StringAcl !=
';')
2507 FIXME(
"Support for *_OBJECT_ACE_TYPE not implemented\n");
2515 while (*StringAcl && *StringAcl !=
')')
2519 if (*StringAcl !=
')')
2537 ERR(
"ACL too large\n");
2553 WARN(
"Invalid ACE string format\n");
2561 LPCWSTR StringSecurityDescriptor,
2579 while (*StringSecurityDescriptor ==
' ')
2580 StringSecurityDescriptor++;
2582 while (*StringSecurityDescriptor)
2584 toktype = *StringSecurityDescriptor;
2587 StringSecurityDescriptor++;
2588 if (*StringSecurityDescriptor !=
':')
2593 StringSecurityDescriptor++;
2596 lptoken = StringSecurityDescriptor;
2597 while (*lptoken && *lptoken !=
':')
2603 len = lptoken - StringSecurityDescriptor;
2686 FIXME(
"Unknown token\n");
2691 StringSecurityDescriptor = lptoken;
2709 DWORD StringSDRevision,
2711 PULONG SecurityDescriptorSize)
2715 LPWSTR StringSecurityDescriptorW;
2720 if (StringSecurityDescriptorW)
2726 SecurityDescriptorSize);
2739 DWORD StringSDRevision,
2741 PULONG SecurityDescriptorSize)
2771 if (!psd)
goto lend;
2783 if (SecurityDescriptorSize)
2784 *SecurityDescriptorSize = cBytes;
2789 TRACE(
" ret=%d\n", bret);
2811 WCHAR fmt[] = {
'S',
'-',
'%',
'u',
'-',
'%',
'd',0 };
2812 WCHAR subauthfmt[] = {
'-',
'%',
'u',0 };
2825 FIXME(
"not matching MS' bugs\n");
2899 static const WCHAR fmtW[] = {
'0',
'x',
'%',
'x',0};
2919 for (
i = 0;
i < 32;
i++)
2931 for (
i = 0;
i < 32;
i++)
2932 if (
mask & (1 <<
i))
2939 static const WCHAR openbr =
'(';
2940 static const WCHAR closebr =
')';
2941 static const WCHAR semicolon =
';';
3019 if (!
DumpAce(ace, pwptr, plen))
3028 static const WCHAR prefix[] = {
'O',
':',0};
3039 if (!
DumpSid(psid, pwptr, plen))
3046 static const WCHAR prefix[] = {
'G',
':',0};
3057 if (!
DumpSid(psid, pwptr, plen))
3064 static const WCHAR dacl[] = {
'D',
':',0};
3066 BOOL present, defaulted;
3087 static const WCHAR sacl[] = {
'S',
':',0};
3089 BOOL present, defaulted;
3118 ERR(
"Program requested unknown SDDL revision %d\n", SDRevision);
3166 *OutputString = wstr;
3168 *OutputLen =
strlenW(*OutputString)+1;
3186 if (*OutputString ==
NULL)
3196 if (OutputLen !=
NULL)
3202 *OutputString =
NULL;
3220 else if (!StringSid || !
Sid)
3243 else if (!StringSid || !
Sid)
3264 WCHAR FixedBuffer[64];
3288 if (
NULL == *StringSid)
3333 if (
NULL == *StringSid)
3362 DWORD dwCreationFlags,
3371 lpStartupInfo, lpProcessInformation);
3380 FIXME(
"%p 0x%08x %s %s 0x%08x %p %s %p %p - semi-stub\n",
token,
3382 creation_flags, environment,
debugstr_w(current_directory),
3383 startup_info, process_information);
3387 current_directory, startup_info, process_information );
3405 TRACE(
"%p 0x%08x 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3413 if (lpTokenAttributes !=
NULL)
3417 lpTokenAttributes->bInheritHandle ?
OBJ_INHERIT : 0,
3419 lpTokenAttributes->lpSecurityDescriptor);
3437 DuplicateTokenHandle);
3440 ERR(
"NtDuplicateToken failed: Status %08x\n",
Status);
3445 TRACE(
"Returning token %p.\n", *DuplicateTokenHandle);
3463 DuplicateTokenHandle);
3471 if (StringSid[0] ==
'S' && StringSid[1] ==
'-')
3476 if (*StringSid ==
'-')
3517 TRACE(
"StringSid is NULL, returning FALSE\n");
3521 while (*StringSid ==
' ')
3530 TRACE(
"only size requested, returning TRUE with %d\n", *cBytes);
3534 if (StringSid[0] ==
'S' && StringSid[1] ==
'-')
3549 TRACE(
"SubAuthorityCount is 0\n");
3556 while (*StringSid && *StringSid !=
'-')
3558 if (*StringSid ==
'-')
3566 identAuth =
atoiW(StringSid);
3573 while (*StringSid && *StringSid !=
'-')
3575 if (*StringSid ==
'-')
3582 while (*StringSid && *StringSid !=
'-')
3584 if (*StringSid ==
'-')
3626 TRACE(
"returning %s\n", bret ?
"TRUE" :
"FALSE");
3650 TRACE(
"%s %d %d %p %p %p %p %p\n", pObjectName,
ObjectType, SecurityInfo,
3651 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
3661 ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor );
3674 DWORD required_size;
3677 FIXME(
"(%p %p %p): semi-stub\n",
sid, domain_sid,
size );
3698 if (*
size < required_size || !domain_sid)
3700 *
size = required_size;
3707 for (
i = 0;
i < 4;
i++)
3710 *
size = required_size;
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
#define ERROR_INVALID_PARAMETER
#define FILE_GENERIC_READ
#define SECURITY_BATCH_RID
LPWSTR WINAPI GetTrusteeNameW(PTRUSTEE_W pTrustee)
DWORD WINAPI GetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
static const WCHAR SDDL_OBJECT_INHERIT[]
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
#define SDDL_GENERIC_WRITE
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
#define STATUS_NOT_ALL_ASSIGNED
#define SDDL_WRITE_PROPERTY
static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(LPCWSTR StringSecurityDescriptor, SECURITY_DESCRIPTOR_RELATIVE *SecurityDescriptor, LPDWORD cBytes)
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
#define ERROR_BAD_PROVIDER
#define SECURITY_AUTHENTICATED_USER_RID
BOOL WINAPI ImpersonateNamedPipeClient(HANDLE hNamedPipe)
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
#define SDDL_GENERIC_EXECUTE
#define SECURITY_LOCAL_SYSTEM_RID
#define ACE_OBJECT_TYPE_PRESENT
#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR _Inout_ LPDWORD _Out_ LPDWORD lpLanguageId
#define DOMAIN_ALIAS_RID_GUESTS
#define DOMAIN_GROUP_RID_GUESTS
NTSTATUS NTAPI NtPrivilegeCheck(IN HANDLE ClientToken, IN PPRIVILEGE_SET RequiredPrivileges, OUT PBOOLEAN Result)
#define SECURITY_THIS_ORGANIZATION_RID
#define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP
WINE_UNICODE_INLINE unsigned int strlenW(const WCHAR *str)
static const WCHAR SDDL_INHERITED[]
BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
ACCESS_MODE grfAccessMode
enum _ACL_INFORMATION_CLASS ACL_INFORMATION_CLASS
#define SECURITY_TERMINAL_SERVER_RID
#define WideCharToMultiByte
#define OBJ_CASE_INSENSITIVE
DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
static BOOL DumpOwner(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR InheritedObjectTypeName
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
VOID WINAPI SetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT LPDWORD DesiredAccess)
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION Information, LPSTR *OutputString, PULONG OutputLen)
BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbSaclPresent, PACL *pSacl, LPBOOL lpbSaclDefaulted)
#define FSCTL_PIPE_IMPERSONATE
#define DOMAIN_GROUP_RID_SCHEMA_ADMINS
* PSID_IDENTIFIER_AUTHORITY
BOOL WINAPI SetAclInformation(PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
#define SDDL_DELETE_CHILD
static const WCHAR SDDL_CONTAINER_INHERIT[]
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG TokenInformationLength
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
static const WELLKNOWNSID WellKnownSids[]
#define SDDL_AUTO_INHERITED
BOOL WINAPI RevertToSelf(VOID)
#define ADS_RIGHT_DS_CREATE_CHILD
BOOL WINAPI MakeAbsoluteSD(PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, LPDWORD lpdwAbsoluteSecurityDescriptorSize, PACL pDacl, LPDWORD lpdwDaclSize, PACL pSacl, LPDWORD lpdwSaclSize, PSID pOwner, LPDWORD lpdwOwnerSize, PSID pPrimaryGroup, LPDWORD lpdwPrimaryGroupSize)
GLdouble GLdouble GLdouble r
char * wine_dbgstr_w(const wchar_t *wstr)
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
#define SYSTEM_MANDATORY_LABEL_ACE_TYPE
static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
int WINAPI lstrcmpW(LPCWSTR lpString1, LPCWSTR lpString2)
#define ADS_RIGHT_DS_DELETE_CHILD
static LPSTR(WINAPI *pGetTrusteeNameA)(PTRUSTEEA pTrustee)
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
BOOL WINAPI LookupAccountNameA(LPCSTR SystemName, LPCSTR AccountName, PSID Sid, LPDWORD SidLength, LPSTR ReferencedDomainName, LPDWORD hReferencedDomainNameLength, PSID_NAME_USE SidNameUse)
#define SECURITY_DIALUP_RID
GLuint GLuint GLsizei count
DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
_In_ CLIPOBJ _In_ BRUSHOBJ _In_ LONG x1
DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
BOOL WINAPI SetFileSecurityA(LPCSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
#define ERROR_INVALID_SID
enum _ACCESS_MODE ACCESS_MODE
BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID *Sid)
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
VOID WINAPI BuildTrusteeWithNameW(PTRUSTEE_W pTrustee, LPWSTR name)
BOOL WINAPI PrivilegeCheck(HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
BOOL WINAPI AddAccessAllowedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
#define SECURITY_NETWORK_RID
BOOL WINAPI LookupPrivilegeNameW(LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName, LPDWORD cchName)
#define ADS_RIGHT_DS_CONTROL_ACCESS
SIZE_T LPPROCESS_INFORMATION
#define NtCurrentThread()
struct _TRUSTEE_A * pMultipleTrustee
#define SECURITY_MANDATORY_MEDIUM_RID
TRUSTEE_TYPE WINAPI GetTrusteeTypeA(PTRUSTEE_A pTrustee)
VOID WINAPI BuildExplicitAccessWithNameA(PEXPLICIT_ACCESSA pExplicitAccess, LPSTR pTrusteeName, DWORD AccessPermissions, ACCESS_MODE AccessMode, DWORD Inheritance)
#define DOMAIN_ALIAS_RID_DCOM_USERS
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION RequestedInformation, LPWSTR *OutputString, PULONG OutputLen)
#define ERROR_NOT_ENOUGH_MEMORY
DWORD WINAPI GetLastError(VOID)
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
struct _ACEFLAG * LPACEFLAG
static BOOL DumpSacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
BOOL WINAPI CreateProcessWithLogonW(LPCWSTR lpUsername, LPCWSTR lpDomain, LPCWSTR lpPassword, DWORD dwLogonFlags, LPCWSTR lpApplicationName, LPWSTR lpCommandLine, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
NTSYSAPI NTSTATUS WINAPI RtlQueryInformationAcl(PACL, LPVOID, DWORD, ACL_INFORMATION_CLASS)
static DWORD ParseAceStringRights(LPCWSTR *StringAcl)
NTSYSCALLAPI NTSTATUS NTAPI NtFsControlFile(HANDLE FileHandle, HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext, PIO_STATUS_BLOCK IoStatusBlock, ULONG FsControlCode, PVOID InputBuffer, ULONG InputBufferLength, PVOID OutputBuffer, ULONG OutputBufferLength)
VOID WINAPI BuildTrusteeWithSidA(PTRUSTEE_A pTrustee, PSID pSid)
BOOL WINAPI IsValidAcl(PACL pAcl)
BOOL WINAPI SetThreadToken(IN PHANDLE ThreadHandle OPTIONAL, IN HANDLE TokenHandle)
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
#define GROUP_SECURITY_INFORMATION
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
NTSYSAPI NTSTATUS WINAPI RtlSelfRelativeToAbsoluteSD(PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR, PDWORD, PACL, PDWORD, PACL, PDWORD, PSID, PDWORD, PSID, PDWORD)
#define DOMAIN_ALIAS_RID_POWER_USERS
#define SECURITY_INTERACTIVE_RID
#define TOKEN_IMPERSONATE
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
#define SECURITY_NULL_SID_AUTHORITY
WDF_EXTERN_C_START typedef _Must_inspect_result_ _In_opt_ PCUNICODE_STRING UnicodeString
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
static BOOL DumpSidNumeric(PSID psid, WCHAR **pwptr, ULONG *plen)
TRUSTEE_FORM WINAPI GetTrusteeFormW(PTRUSTEEW pTrustee)
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
#define NO_PROPAGATE_INHERIT_ACE
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
struct WELLKNOWNSID WELLKNOWNSID
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
enum _TRUSTEE_TYPE TRUSTEE_TYPE
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
_In_ WDFREQUEST _In_ NTSTATUS _In_ ULONG_PTR Information
TRUSTEE_TYPE WINAPI GetTrusteeTypeW(PTRUSTEE_W pTrustee)
#define SE_DACL_AUTO_INHERITED
DWORD WINAPI GetVersion(VOID)
BOOL WINAPI GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pGroup, LPBOOL lpbGroupDefaulted)
static DWORD ParseAclStringFlags(LPCWSTR *StringAcl)
static void * heap_alloc(size_t len)
#define SECURITY_PACKAGE_SCHANNEL_RID
static const WCHAR SDDL_OBJECT_ACCESS_DENIED[]
WINE_UNICODE_INLINE int strncmpW(const WCHAR *str1, const WCHAR *str2, int n)
#define STATUS_BUFFER_TOO_SMALL
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR LPSTR Name
VOID WINAPI BuildTrusteeWithNameA(PTRUSTEE_A pTrustee, LPSTR name)
static const WCHAR SDDL_NO_PROPAGATE[]
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
static const char * debugstr_sid(PSID sid)
const char * wine_dbg_sprintf(const char *format,...)
NTSYSAPI BOOLEAN NTAPI RtlAreAnyAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
VOID WINAPI BuildTrusteeWithObjectsAndNameA(PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName, SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName, LPSTR InheritedObjectTypeName, LPSTR Name)
static const SID sidWorld
static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[]
static const WCHAR SDDL_ACCESS_ALLOWED[]
GLenum GLuint GLenum GLsizei const GLchar * buf
_In_ PSID _Out_writes_to_opt_ cchName LPSTR _Inout_ LPDWORD cchName
static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags, PACL pAcl, LPDWORD cBytes)
#define SUCCESSFUL_ACCESS_ACE_FLAG
#define DOMAIN_GROUP_RID_COMPUTERS
#define SECURITY_PRINCIPAL_SELF_RID
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
#define DOMAIN_GROUP_RID_ADMINS
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FAILED_ACCESS_ACE_FLAG
static unsigned char bytes[4]
static const WCHAR SDDL_AUDIT_FAILURE[]
static BYTE ParseAceStringFlags(LPCWSTR *StringAcl)
BOOL ADVAPI_GetComputerSid(PSID sid)
DWORD SECURITY_INFORMATION
#define SECURITY_LOCAL_SID_AUTHORITY
static const WCHAR SDDL_NO_EXECUTE_UP[]
WORD SECURITY_DESCRIPTOR_CONTROL
PVOID WINAPI FreeSid(PSID pSid)
#define DOMAIN_USER_RID_ADMIN
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat token
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
#define SECURITY_MANDATORY_LABEL_AUTHORITY
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
GLenum GLuint GLenum GLsizei length
NTSYSAPI BOOLEAN NTAPI RtlValidAcl(PACL Acl)
BOOL WINAPI SetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength)
#define ADS_RIGHT_DS_DELETE_TREE
NTSTATUS NTAPI NtAdjustGroupsToken(IN HANDLE TokenHandle, IN BOOLEAN ResetToDefault, IN PTOKEN_GROUPS NewState, IN ULONG BufferLength, OUT PTOKEN_GROUPS PreviousState OPTIONAL, OUT PULONG ReturnLength)
#define SECURITY_PACKAGE_BASE_RID
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
static DWORD DWORD void LPSTR DWORD cch
#define ADS_RIGHT_DS_SELF
#define SID_MAX_SUB_AUTHORITIES
SE_OBJECT_TYPE ObjectType
#define SDDL_FILE_EXECUTE
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD cbSid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
BOOL WINAPI AddAuditAccessAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
#define DOMAIN_GROUP_RID_POLICY_ADMINS
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
VOID WINAPI BuildTrusteeWithObjectsAndSidW(PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
static POBJECTS_AND_NAME_A pObjName
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
BOOL WINAPI AccessCheckByType(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID PrincipalSelfSid, HANDLE ClientToken, DWORD DesiredAccess, POBJECT_TYPE_LIST ObjectTypeList, DWORD ObjectTypeListLength, PGENERIC_MAPPING GenericMapping, PPRIVILEGE_SET PrivilegeSet, LPDWORD PrivilegeSetLength, LPDWORD GrantedAccess, LPBOOL AccessStatus)
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
VOID WINAPI BuildTrusteeWithObjectsAndSidA(PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
DWORD WINAPI GetSecurityInfoExW(HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider, LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList, PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup)
BOOL WINAPI AreAnyAccessesGranted(DWORD GrantedAccess, DWORD DesiredAccess)
#define SECURITY_LOCAL_SERVICE_RID
BOOL WINAPI AddAccessDeniedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
#define SECURITY_NT_AUTHORITY
struct WELLKNOWNRID WELLKNOWNRID
DWORD WINAPI GetSecurityInfoExA(HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCSTR lpProvider, LPCSTR lpProperty, PACTRL_ACCESSA *ppAccessList, PACTRL_AUDITA *ppAuditList, LPSTR *lppOwner, LPSTR *lppGroup)
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
#define FILE_GENERIC_EXECUTE
static const ACEFLAG AceRights[]
#define CONTAINER_INHERIT_ACE
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
#define DOMAIN_USER_RID_GUEST
NTSTATUS NTAPI NtQuerySecurityObject(IN HANDLE Handle, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Length, OUT PULONG ResultLength)
BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID *Sid)
enum _SID_NAME_USE * PSID_NAME_USE
#define DOMAIN_USER_RID_KRBTGT
#define SECURITY_CREATOR_GROUP_SERVER_RID
#define SDDL_CREATE_CHILD
#define SECURITY_ENTERPRISE_CONTROLLERS_RID
WINE_DEFAULT_DEBUG_CHANNEL(inetcpl)
BOOL WINAPI AddAccessDeniedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
#define SECURITY_BUILTIN_DOMAIN_RID
BOOL WINAPI CreateRestrictedToken(HANDLE baseToken, DWORD flags, DWORD nDisableSids, PSID_AND_ATTRIBUTES disableSids, DWORD nDeletePrivs, PLUID_AND_ATTRIBUTES deletePrivs, DWORD nRestrictSids, PSID_AND_ATTRIBUTES restrictSids, PHANDLE newToken)
static POBJECTS_AND_SID pObjSid
#define SE_SACL_AUTO_INHERIT_REQ
#define NT_SUCCESS(StatCode)
NTSYSAPI PSID_IDENTIFIER_AUTHORITY NTAPI RtlIdentifierAuthoritySid(PSID Sid)
#define DOMAIN_ALIAS_RID_BACKUP_OPS
#define SECURITY_WORLD_SID_AUTHORITY
BOOL WINAPI DuplicateToken(IN HANDLE ExistingTokenHandle, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PHANDLE DuplicateTokenHandle)
DWORD WINAPI GetLengthSid(PSID pSid)
VOID WINAPI QuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT LPDWORD DesiredAccess)
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
BOOL WINAPI AccessCheck(IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN HANDLE ClientToken, IN DWORD DesiredAccess, IN PGENERIC_MAPPING GenericMapping, OUT PPRIVILEGE_SET PrivilegeSet OPTIONAL, IN OUT LPDWORD PrivilegeSetLength, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus)
BOOL WINAPI SetFileSecurityW(LPCWSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
static POBJECTS_AND_SID GUID GUID * pInheritedObjectGuid
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
_In_ ACCESS_MASK AccessMask
#define SE_DACL_PROTECTED
#define DOMAIN_ALIAS_RID_SYSTEM_OPS
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA(LPCSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
static const WCHAR SDDL_AUDIT[]
ACCESS_MODE grfAccessMode
#define SACL_SECURITY_INFORMATION
#define SECURITY_LOCAL_RID
VOID WINAPI BuildTrusteeWithSidW(PTRUSTEE_W pTrustee, PSID pSid)
struct _TRUSTEE_W * pMultipleTrustee
#define ACCESS_ALLOWED_ACE_TYPE
static void DumpRights(DWORD mask, WCHAR **pwptr, ULONG *plen)
NTSTATUS WINAPI NtSetSecurityObject(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SDDL_STANDARD_DELETE
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD _Out_writes_to_opt_ cchReferencedDomainName LPSTR ReferencedDomainName
#define ADS_RIGHT_DS_READ_PROP
BOOL WINAPI InitializeSid(PSID Sid, PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount)
BOOL WINAPI DuplicateTokenEx(IN HANDLE ExistingTokenHandle, IN DWORD dwDesiredAccess, IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, IN TOKEN_TYPE TokenType, OUT PHANDLE DuplicateTokenHandle)
static BOOL DumpDacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
#define SECURITY_WORLD_RID
#define SECURITY_PROXY_RID
#define ACCESS_DENIED_ACE_TYPE
#define SECURITY_ANONYMOUS_LOGON_RID
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
#define RPC_S_INVALID_STRING_UUID
NTSYSAPI NTSTATUS NTAPI RtlAddAce(_Inout_ PACL Acl, _In_ ULONG AceRevision, _In_ ULONG StartingAceIndex, _In_reads_bytes_(AceListLength) PVOID AceList, _In_ ULONG AceListLength)
#define SECURITY_CREATOR_OWNER_RID
#define SECURITY_OTHER_ORGANIZATION_RID
#define SECURITY_NULL_RID
NTSYSAPI BOOLEAN NTAPI RtlFirstFreeAce(PACL Acl, PACE *Ace)
#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE ObjectType
BOOL WINAPI ConvertSidToStringSidA(PSID Sid, LPSTR *StringSid)
#define SE_SACL_PROTECTED
#define FILE_SHARE_DELETE
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAceEx(PACL, DWORD, DWORD, DWORD, PSID)
#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS
BOOL WINAPI GetKernelObjectSecurity(HANDLE Handle, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
static const WCHAR SDDL_INHERIT_ONLY[]