155 #define ADS_RIGHT_DS_CREATE_CHILD 0x0001 156 #define ADS_RIGHT_DS_DELETE_CHILD 0x0002 157 #define ADS_RIGHT_ACTRL_DS_LIST 0x0004 158 #define ADS_RIGHT_DS_SELF 0x0008 159 #define ADS_RIGHT_DS_READ_PROP 0x0010 160 #define ADS_RIGHT_DS_WRITE_PROP 0x0020 161 #define ADS_RIGHT_DS_DELETE_TREE 0x0040 162 #define ADS_RIGHT_DS_LIST_OBJECT 0x0080 163 #define ADS_RIGHT_DS_CONTROL_ACCESS 0x0100 259 if (!ServerName || !ServerName[0])
264 if (
Result && (ServerName[0] ==
'\\') && (ServerName[1] ==
'\\'))
282 DWORD SubAuthority[4];
286 memcpy(
sid, &computer_sid,
sizeof(computer_sid) );
309 ERR(
"NtOpenProcessToken failed! Status %08x.\n",
Status);
377 BOOL DisableAllPrivileges,
386 DisableAllPrivileges,
559 if (SidsToDisable !=
NULL)
562 if (DisableSids ==
NULL)
578 if (PrivilegesToDelete !=
NULL)
581 if (DeletePrivileges ==
NULL)
598 if (SidsToRestrict !=
NULL)
601 if (RestrictedSids ==
NULL)
610 RestrictedSids->
GroupCount = RestrictedSidCount;
641 if (DisableSids !=
NULL)
646 if (DeletePrivileges !=
NULL)
651 if (RestrictedSids !=
NULL)
677 BYTE nSubAuthorityCount,
685 pIdentifierAuthority, nSubAuthorityCount,
686 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
687 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
771 if (*
cbSid < output_sid_length)
773 *
cbSid = output_sid_length;
785 *
cbSid = output_sid_length;
866 BYTE nSubAuthorityCount)
871 pIdentifierAuthority,
954 LPDWORD lpdwAbsoluteSecurityDescriptorSize,
967 pAbsoluteSecurityDescriptor,
968 lpdwAbsoluteSecurityDescriptorSize,
976 lpdwPrimaryGroupSize);
996 TRACE(
"(%p,0x%08x,%p,0x%08x,%p)\n",
Handle, RequestedInformation,
997 pSecurityDescriptor,
nLength, lpnLengthNeeded);
1010 DWORD dwAclRevision)
1030 TRACE(
"(%p)\n", hNamedPipe);
1145 DWORD dwStartingAceIndex,
1147 DWORD nAceListLength)
1199 DWORD nAclInformationLength,
1203 nAclInformationLength, dwAclInformationClass));
1391 RequestedInformation,
1392 pSecurityDescriptor,
1419 TRACE(
"GetFileSecurityW() called\n");
1428 ERR(
"Invalid path\n");
1452 ERR(
"NtOpenFile() failed (Status %lx)\n",
Status);
1458 RequestedInformation,
1459 pSecurityDescriptor,
1465 ERR(
"NtQuerySecurityObject() failed (Status %lx)\n",
Status);
1496 pSecurityDescriptor);
1522 TRACE(
"SetFileSecurityW() called\n");
1531 ERR(
"Invalid path\n");
1555 ERR(
"NtOpenFile() failed (Status %lx)\n",
Status);
1562 pSecurityDescriptor);
1567 ERR(
"NtSetSecurityObject() failed (Status %lx)\n",
Status);
1601 FIXME(
"(0x%08x,0x%08x,0x%08x,0x%08x):stub\n",
x1,
x2,x3,x4);
1670 (
PULONG)PrivilegeSetLength,
1704 PSID PrincipalSelfSid,
1708 DWORD ObjectTypeListLength,
1816 LPDWORD hReferencedDomainNameLength,
1830 *hReferencedDomainNameLength *
sizeof(
WCHAR));
1836 lpReferencedDomainNameW,
1837 hReferencedDomainNameLength,
1840 if (
ret && lpReferencedDomainNameW)
1844 lpReferencedDomainNameW,
1845 *hReferencedDomainNameLength + 1,
1847 *hReferencedDomainNameLength + 1,
1931 DWORD AccessPermissions,
1953 DWORD AccessPermissions,
1975 DWORD ObjectsPresent = 0;
2011 DWORD ObjectsPresent = 0;
2050 DWORD ObjectsPresent = 0;
2099 DWORD ObjectsPresent = 0;
2207 TRACE(
"(%p)\n", pTrustee);
2220 TRACE(
"(%p)\n", pTrustee);
2272 DWORD nAclInformationLength,
2279 nAclInformationLength,
2280 dwAclInformationClass);
2358 while (*szAcl && *szAcl !=
'(')
2364 else if (*szAcl ==
'A')
2369 else if (*szAcl ==
'I')
2404 while (*szAcl ==
' ')
2407 while (lpaf->
wstr &&
2415 *StringAcl = szAcl +
len;
2441 while (*szAcl ==
' ')
2444 while (*szAcl !=
';')
2448 while (lpaf->
wstr &&
2512 while (*szAcl ==
' ')
2515 if ((*szAcl ==
'0') && (*(szAcl + 1) ==
'x'))
2519 while (*
p && *
p !=
';')
2522 if (
p - szAcl <= 10 )
2532 while (*szAcl !=
';')
2536 while (lpaf->
wstr &&
2546 rights |= lpaf->
value;
2584 while (*StringAcl ==
'(')
2592 if (*StringAcl !=
';')
2603 if (*StringAcl !=
';')
2611 if (*StringAcl !=
';')
2616 while (*StringAcl ==
' ')
2618 if (*StringAcl !=
';')
2620 FIXME(
"Support for *_OBJECT_ACE_TYPE not implemented\n");
2626 while (*StringAcl ==
' ')
2628 if (*StringAcl !=
';')
2630 FIXME(
"Support for *_OBJECT_ACE_TYPE not implemented\n");
2638 while (*StringAcl && *StringAcl !=
')')
2642 if (*StringAcl !=
')')
2660 ERR(
"ACL too large\n");
2676 WARN(
"Invalid ACE string format\n");
2684 LPCWSTR StringSecurityDescriptor,
2702 while (*StringSecurityDescriptor ==
' ')
2703 StringSecurityDescriptor++;
2705 while (*StringSecurityDescriptor)
2707 toktype = *StringSecurityDescriptor;
2710 StringSecurityDescriptor++;
2711 if (*StringSecurityDescriptor !=
':')
2716 StringSecurityDescriptor++;
2719 lptoken = StringSecurityDescriptor;
2720 while (*lptoken && *lptoken !=
':')
2726 len = lptoken - StringSecurityDescriptor;
2809 FIXME(
"Unknown token\n");
2814 StringSecurityDescriptor = lptoken;
2832 DWORD StringSDRevision,
2834 PULONG SecurityDescriptorSize)
2838 LPWSTR StringSecurityDescriptorW;
2843 if (StringSecurityDescriptorW)
2849 SecurityDescriptorSize);
2862 DWORD StringSDRevision,
2864 PULONG SecurityDescriptorSize)
2894 if (!psd)
goto lend;
2906 if (SecurityDescriptorSize)
2907 *SecurityDescriptorSize = cBytes;
2912 TRACE(
" ret=%d\n", bret);
2934 WCHAR fmt[] = {
'S',
'-',
'%',
'u',
'-',
'%',
'd',0 };
2935 WCHAR subauthfmt[] = {
'-',
'%',
'u',0 };
2948 FIXME(
"not matching MS' bugs\n");
3022 static const WCHAR fmtW[] = {
'0',
'x',
'%',
'x',0};
3042 for (
i = 0;
i < 32;
i++)
3054 for (
i = 0;
i < 32;
i++)
3055 if (
mask & (1 <<
i))
3062 static const WCHAR openbr =
'(';
3063 static const WCHAR closebr =
')';
3064 static const WCHAR semicolon =
';';
3142 if (!
DumpAce(ace, pwptr, plen))
3151 static const WCHAR prefix[] = {
'O',
':',0};
3162 if (!
DumpSid(psid, pwptr, plen))
3169 static const WCHAR prefix[] = {
'G',
':',0};
3180 if (!
DumpSid(psid, pwptr, plen))
3187 static const WCHAR dacl[] = {
'D',
':',0};
3189 BOOL present, defaulted;
3210 static const WCHAR sacl[] = {
'S',
':',0};
3212 BOOL present, defaulted;
3241 ERR(
"Program requested unknown SDDL revision %d\n", SDRevision);
3289 *OutputString = wstr;
3291 *OutputLen =
strlenW(*OutputString)+1;
3309 if (*OutputString ==
NULL)
3319 if (OutputLen !=
NULL)
3325 *OutputString =
NULL;
3343 else if (!StringSid || !
Sid)
3366 else if (!StringSid || !
Sid)
3387 WCHAR FixedBuffer[64];
3411 if (
NULL == *StringSid)
3456 if (
NULL == *StringSid)
3499 TRACE(
"CreateProcessWithLogonW(%s %s %s 0x%08x %s %s 0x%08x %p %s %p %p)\n",
debugstr_w(lpUsername),
debugstr_w(lpDomain),
3502 lpStartupInfo, lpProcessInformation);
3507 L"\\pipe\\seclogon",
3512 WARN(
"RpcStringBindingCompose returned 0x%x\n",
Status);
3522 WARN(
"RpcBindingFromStringBinding returned 0x%x\n",
Status);
3528 WARN(
"RpcStringFree returned 0x%x\n",
Status);
3538 Request.dwLogonFlags = dwLogonFlags;
3539 Request.dwCreationFlags = dwCreationFlags;
3558 WARN(
"RpcBindingFree returned 0x%x\n",
Status);
3568 TRACE(
"CreateProcessWithLogonW() done\n");
3577 FIXME(
"%p 0x%08x %s %s 0x%08x %p %s %p %p - semi-stub\n",
token,
3579 creation_flags, environment,
debugstr_w(current_directory),
3580 startup_info, process_information);
3584 current_directory, startup_info, process_information );
3602 TRACE(
"%p 0x%08x 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3610 if (lpTokenAttributes !=
NULL)
3614 lpTokenAttributes->bInheritHandle ?
OBJ_INHERIT : 0,
3616 lpTokenAttributes->lpSecurityDescriptor);
3634 DuplicateTokenHandle);
3637 ERR(
"NtDuplicateToken failed: Status %08x\n",
Status);
3642 TRACE(
"Returning token %p.\n", *DuplicateTokenHandle);
3660 DuplicateTokenHandle);
3668 if (StringSid[0] ==
'S' && StringSid[1] ==
'-')
3673 if (*StringSid ==
'-')
3714 TRACE(
"StringSid is NULL, returning FALSE\n");
3718 while (*StringSid ==
' ')
3727 TRACE(
"only size requested, returning TRUE with %d\n", *cBytes);
3731 if (StringSid[0] ==
'S' && StringSid[1] ==
'-')
3746 TRACE(
"SubAuthorityCount is 0\n");
3753 while (*StringSid && *StringSid !=
'-')
3755 if (*StringSid ==
'-')
3763 identAuth =
atoiW(StringSid);
3770 while (*StringSid && *StringSid !=
'-')
3772 if (*StringSid ==
'-')
3779 while (*StringSid && *StringSid !=
'-')
3781 if (*StringSid ==
'-')
3823 TRACE(
"returning %s\n", bret ?
"TRUE" :
"FALSE");
3847 TRACE(
"%s %d %d %p %p %p %p %p\n", pObjectName,
ObjectType, SecurityInfo,
3848 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
3858 ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor );
3871 DWORD required_size;
3874 FIXME(
"(%p %p %p): semi-stub\n",
sid, domain_sid,
size );
3895 if (*
size < required_size || !domain_sid)
3897 *
size = required_size;
3904 for (
i = 0;
i < 4;
i++)
3907 *
size = required_size;
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
#define ERROR_INVALID_PARAMETER
#define FILE_GENERIC_READ
RPC_STATUS WINAPI RpcBindingFromStringBindingW(RPC_WSTR StringBinding, RPC_BINDING_HANDLE *Binding)
#define SECURITY_BATCH_RID
LPWSTR WINAPI GetTrusteeNameW(PTRUSTEE_W pTrustee)
DWORD WINAPI GetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
static const WCHAR SDDL_OBJECT_INHERIT[]
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
#define SDDL_GENERIC_WRITE
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
#define STATUS_NOT_ALL_ASSIGNED
#define SDDL_WRITE_PROPERTY
static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(LPCWSTR StringSecurityDescriptor, SECURITY_DESCRIPTOR_RELATIVE *SecurityDescriptor, LPDWORD cBytes)
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
#define ERROR_BAD_PROVIDER
#define SECURITY_AUTHENTICATED_USER_RID
RPC_STATUS WINAPI RpcBindingFree(RPC_BINDING_HANDLE *Binding)
BOOL WINAPI ImpersonateNamedPipeClient(HANDLE hNamedPipe)
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
#define SDDL_GENERIC_EXECUTE
#define SECURITY_LOCAL_SYSTEM_RID
#define ACE_OBJECT_TYPE_PRESENT
#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR _Inout_ LPDWORD _Out_ LPDWORD lpLanguageId
#define DOMAIN_ALIAS_RID_GUESTS
#define DOMAIN_GROUP_RID_GUESTS
#define STATUS_INSUFFICIENT_RESOURCES
#define SECURITY_THIS_ORGANIZATION_RID
#define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP
WINE_UNICODE_INLINE unsigned int strlenW(const WCHAR *str)
static const WCHAR SDDL_INHERITED[]
BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
ACCESS_MODE grfAccessMode
enum _ACL_INFORMATION_CLASS ACL_INFORMATION_CLASS
#define SECURITY_TERMINAL_SERVER_RID
#define WideCharToMultiByte
#define OBJ_CASE_INSENSITIVE
DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
static BOOL DumpOwner(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR InheritedObjectTypeName
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
VOID WINAPI SetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT LPDWORD DesiredAccess)
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION Information, LPSTR *OutputString, PULONG OutputLen)
BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbSaclPresent, PACL *pSacl, LPBOOL lpbSaclDefaulted)
RPC_STATUS WINAPI RpcStringFreeW(RPC_WSTR *String)
#define FSCTL_PIPE_IMPERSONATE
#define DOMAIN_GROUP_RID_SCHEMA_ADMINS
* PSID_IDENTIFIER_AUTHORITY
BOOL WINAPI CreateProcessWithLogonW(_In_ LPCWSTR lpUsername, _In_opt_ LPCWSTR lpDomain, _In_ LPCWSTR lpPassword, _In_ DWORD dwLogonFlags, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
BOOL WINAPI SetAclInformation(PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
#define SDDL_DELETE_CHILD
static const WCHAR SDDL_CONTAINER_INHERIT[]
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG TokenInformationLength
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
static const WELLKNOWNSID WellKnownSids[]
#define SDDL_AUTO_INHERITED
BOOL WINAPI RevertToSelf(VOID)
#define ADS_RIGHT_DS_CREATE_CHILD
BOOL WINAPI MakeAbsoluteSD(PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, LPDWORD lpdwAbsoluteSecurityDescriptorSize, PACL pDacl, LPDWORD lpdwDaclSize, PACL pSacl, LPDWORD lpdwSaclSize, PSID pOwner, LPDWORD lpdwOwnerSize, PSID pPrimaryGroup, LPDWORD lpdwPrimaryGroupSize)
GLdouble GLdouble GLdouble r
char * wine_dbgstr_w(const wchar_t *wstr)
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
#define SYSTEM_MANDATORY_LABEL_ACE_TYPE
static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
int WINAPI lstrcmpW(LPCWSTR lpString1, LPCWSTR lpString2)
#define ADS_RIGHT_DS_DELETE_CHILD
static LPSTR(WINAPI *pGetTrusteeNameA)(PTRUSTEEA pTrustee)
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
BOOL WINAPI LookupAccountNameA(LPCSTR SystemName, LPCSTR AccountName, PSID Sid, LPDWORD SidLength, LPSTR ReferencedDomainName, LPDWORD hReferencedDomainNameLength, PSID_NAME_USE SidNameUse)
#define SECURITY_DIALUP_RID
GLuint GLuint GLsizei count
DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
_In_ CLIPOBJ _In_ BRUSHOBJ _In_ LONG x1
DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
BOOL WINAPI SetFileSecurityA(LPCSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
#define ERROR_INVALID_SID
enum _ACCESS_MODE ACCESS_MODE
BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID *Sid)
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
VOID WINAPI BuildTrusteeWithNameW(PTRUSTEE_W pTrustee, LPWSTR name)
BOOL WINAPI PrivilegeCheck(HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
BOOL WINAPI AddAccessAllowedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
#define SECURITY_NETWORK_RID
BOOL WINAPI LookupPrivilegeNameW(LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName, LPDWORD cchName)
#define ADS_RIGHT_DS_CONTROL_ACCESS
SIZE_T LPPROCESS_INFORMATION
#define NtCurrentThread()
struct _TRUSTEE_A * pMultipleTrustee
#define SECURITY_MANDATORY_MEDIUM_RID
TRUSTEE_TYPE WINAPI GetTrusteeTypeA(PTRUSTEE_A pTrustee)
VOID WINAPI BuildExplicitAccessWithNameA(PEXPLICIT_ACCESSA pExplicitAccess, LPSTR pTrusteeName, DWORD AccessPermissions, ACCESS_MODE AccessMode, DWORD Inheritance)
#define DOMAIN_ALIAS_RID_DCOM_USERS
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION RequestedInformation, LPWSTR *OutputString, PULONG OutputLen)
#define ERROR_NOT_ENOUGH_MEMORY
DWORD WINAPI GetLastError(VOID)
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
struct _ACEFLAG * LPACEFLAG
static BOOL DumpSacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
NTSYSAPI NTSTATUS WINAPI RtlQueryInformationAcl(PACL, LPVOID, DWORD, ACL_INFORMATION_CLASS)
static DWORD ParseAceStringRights(LPCWSTR *StringAcl)
VOID WINAPI BuildTrusteeWithSidA(PTRUSTEE_A pTrustee, PSID pSid)
BOOL WINAPI IsValidAcl(PACL pAcl)
BOOL WINAPI SetThreadToken(IN PHANDLE ThreadHandle OPTIONAL, IN HANDLE TokenHandle)
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
#define GROUP_SECURITY_INFORMATION
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
NTSYSAPI NTSTATUS WINAPI RtlSelfRelativeToAbsoluteSD(PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR, PDWORD, PACL, PDWORD, PACL, PDWORD, PSID, PDWORD, PSID, PDWORD)
#define DOMAIN_ALIAS_RID_POWER_USERS
#define SECURITY_INTERACTIVE_RID
BOOL WINAPI CreateRestrictedToken(_In_ HANDLE ExistingTokenHandle, _In_ DWORD Flags, _In_ DWORD DisableSidCount, _In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES SidsToDisable, _In_ DWORD DeletePrivilegeCount, _In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES PrivilegesToDelete, _In_ DWORD RestrictedSidCount, _In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES SidsToRestrict, _Outptr_ PHANDLE NewTokenHandle)
Creates a filtered token that is a restricted one of the regular access token. A restricted token can...
#define TOKEN_IMPERSONATE
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
#define SECURITY_NULL_SID_AUTHORITY
WDF_EXTERN_C_START typedef _Must_inspect_result_ _In_opt_ PCUNICODE_STRING UnicodeString
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
static BOOL DumpSidNumeric(PSID psid, WCHAR **pwptr, ULONG *plen)
TRUSTEE_FORM WINAPI GetTrusteeFormW(PTRUSTEEW pTrustee)
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
#define NO_PROPAGATE_INHERIT_ACE
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
struct WELLKNOWNSID WELLKNOWNSID
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
enum _TRUSTEE_TYPE TRUSTEE_TYPE
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
_In_ WDFREQUEST _In_ NTSTATUS _In_ ULONG_PTR Information
#define _In_reads_opt_(size)
TRUSTEE_TYPE WINAPI GetTrusteeTypeW(PTRUSTEE_W pTrustee)
RPC_STATUS WINAPI RpcStringBindingComposeW(RPC_WSTR ObjUuid, RPC_WSTR Protseq, RPC_WSTR NetworkAddr, RPC_WSTR Endpoint, RPC_WSTR Options, RPC_WSTR *StringBinding)
#define SE_DACL_AUTO_INHERITED
DWORD WINAPI GetVersion(VOID)
BOOL WINAPI GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pGroup, LPBOOL lpbGroupDefaulted)
static DWORD ParseAclStringFlags(LPCWSTR *StringAcl)
static void * heap_alloc(size_t len)
#define SECURITY_PACKAGE_SCHANNEL_RID
static const WCHAR SDDL_OBJECT_ACCESS_DENIED[]
WINE_UNICODE_INLINE int strncmpW(const WCHAR *str1, const WCHAR *str2, int n)
#define STATUS_BUFFER_TOO_SMALL
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR LPSTR Name
VOID WINAPI BuildTrusteeWithNameA(PTRUSTEE_A pTrustee, LPSTR name)
static const WCHAR SDDL_NO_PROPAGATE[]
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
static const char * debugstr_sid(PSID sid)
const char * wine_dbg_sprintf(const char *format,...)
NTSYSAPI BOOLEAN NTAPI RtlAreAnyAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
VOID WINAPI BuildTrusteeWithObjectsAndNameA(PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName, SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName, LPSTR InheritedObjectTypeName, LPSTR Name)
static const SID sidWorld
static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[]
static const WCHAR SDDL_ACCESS_ALLOWED[]
GLenum GLuint GLenum GLsizei const GLchar * buf
_In_ PSID _Out_writes_to_opt_ cchName LPSTR _Inout_ LPDWORD cchName
static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags, PACL pAcl, LPDWORD cBytes)
#define SUCCESSFUL_ACCESS_ACE_FLAG
#define DOMAIN_GROUP_RID_COMPUTERS
#define SECURITY_PRINCIPAL_SELF_RID
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
#define DOMAIN_GROUP_RID_ADMINS
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
#define FAILED_ACCESS_ACE_FLAG
static unsigned char bytes[4]
static const WCHAR SDDL_AUDIT_FAILURE[]
static BYTE ParseAceStringFlags(LPCWSTR *StringAcl)
BOOL ADVAPI_GetComputerSid(PSID sid)
DWORD SECURITY_INFORMATION
NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
#define SECURITY_LOCAL_SID_AUTHORITY
static const WCHAR SDDL_NO_EXECUTE_UP[]
WORD SECURITY_DESCRIPTOR_CONTROL
PVOID WINAPI FreeSid(PSID pSid)
#define DOMAIN_USER_RID_ADMIN
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat token
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
#define SECURITY_MANDATORY_LABEL_AUTHORITY
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
GLenum GLuint GLenum GLsizei length
NTSYSAPI BOOLEAN NTAPI RtlValidAcl(PACL Acl)
BOOL WINAPI SetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength)
#define ADS_RIGHT_DS_DELETE_TREE
#define SECURITY_PACKAGE_BASE_RID
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
#define ADS_RIGHT_DS_SELF
#define SID_MAX_SUB_AUTHORITIES
SE_OBJECT_TYPE ObjectType
#define SDDL_FILE_EXECUTE
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD cbSid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
BOOL WINAPI AddAuditAccessAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
#define DOMAIN_GROUP_RID_POLICY_ADMINS
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
VOID WINAPI BuildTrusteeWithObjectsAndSidW(PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
static POBJECTS_AND_NAME_A pObjName
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
BOOL WINAPI AccessCheckByType(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID PrincipalSelfSid, HANDLE ClientToken, DWORD DesiredAccess, POBJECT_TYPE_LIST ObjectTypeList, DWORD ObjectTypeListLength, PGENERIC_MAPPING GenericMapping, PPRIVILEGE_SET PrivilegeSet, LPDWORD PrivilegeSetLength, LPDWORD GrantedAccess, LPBOOL AccessStatus)
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
VOID WINAPI BuildTrusteeWithObjectsAndSidA(PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
DWORD WINAPI GetSecurityInfoExW(HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider, LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList, PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup)
BOOL WINAPI AreAnyAccessesGranted(DWORD GrantedAccess, DWORD DesiredAccess)
#define SECURITY_LOCAL_SERVICE_RID
BOOL WINAPI AddAccessDeniedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
struct _TOKEN_GROUPS * PTOKEN_GROUPS
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
#define SECURITY_NT_AUTHORITY
struct WELLKNOWNRID WELLKNOWNRID
DWORD WINAPI GetSecurityInfoExA(HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCSTR lpProvider, LPCSTR lpProperty, PACTRL_ACCESSA *ppAccessList, PACTRL_AUDITA *ppAuditList, LPSTR *lppOwner, LPSTR *lppGroup)
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
#define FILE_GENERIC_EXECUTE
static const ACEFLAG AceRights[]
#define CONTAINER_INHERIT_ACE
NTSTATUS NTAPI NtPrivilegeCheck(_In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET RequiredPrivileges, _Out_ PBOOLEAN Result)
Checks a client access token if it has the required set of privileges.
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
#define DOMAIN_USER_RID_GUEST
NTSTATUS NTAPI NtQuerySecurityObject(IN HANDLE Handle, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Length, OUT PULONG ResultLength)
#define RpcExceptionCode()