63{
65
70 const TCHAR *pchParameter;
73
76 {
78 }
80 {
82 goto CheckDACLArgument;
83 }
84
86 {
87CheckDACLArgument:
88 blnBadParameter =
FALSE;
91 {
93 blnDo = pszKey !=
NULL;
94 }
95 else if (!pszKey)
96 {
97 pszKey = pchParameter;
99 }
100 else
101 {
102 blnBadParameter =
TRUE;
103 }
104 if (blnBadParameter)
105 {
106 rConsole.
Write(
_T(
"Bad parameter: "));
107 rConsole.
Write(pchParameter);
109 }
110 }
111
113
115 {
118 }
119
120 if (blnHelp)
121 {
123 }
124
125 if (blnDo&&blnHelp) rConsole.
Write(
_T(
"\n"));
126
127 if (!blnDo)
128 return 0;
129
131 {
133 return 0;
134 }
135
136 DWORD dwSecurityDescriptorLength;
143 try
144 {
145 nError =
Key.GetSecurityDescriptorLength(&dwSecurityDescriptorLength);
147 throw nError;
148
150 DWORD dwSecurityDescriptorLength1 = dwSecurityDescriptorLength;
153 throw nError;
155 sd.AssociateDescriptor(pSecurityDescriptor);
156
157 sd.BeginDACLInteration();
158 ASSERT(
sd.DescriptorContainsDACL());
159 if (
sd.HasNULLDACL())
160 {
161 rConsole.
Write(
_T(
"Key has not DACL.\n(This allows all access)\n"));
162 }
163 else
164 {
165 if (!
sd.HasValidDACL())
166 {
167 rConsole.
Write(
_T(
"Invalid DACL.\n"));
168 }
169 else
170 {
171 DWORD nACECount =
sd.GetDACLEntriesCount();
172 rConsole.
Write(
_T(
"DACL has "));
175 rConsole.
Write(
_T(
" ACEs.\n"));
176 if (nACECount == 0)
177 {
178 rConsole.
Write(
_T(
"(This denies all access)\n"));
179 }
180 else
181 {
182 for (
DWORD i = 0 ;
i < nACECount ;
i++)
183 {
185 rConsole.
Write(
_T(
"\tACE Index: "));
188 rConsole.
Write(
_T(
"\tACE Type: "));
189 switch (
sd.GetDACLEntry(
i))
190 {
192 rConsole.
Write(
_T(
"Access-allowed\n"));
193 break;
195 rConsole.
Write(
_T(
"Access-denied\n"));
196 break;
197 default:
198 rConsole.
Write(
_T(
"Unknown.\nCannot continue dumping of the ACE list.\n"));
199 goto AbortDumpDACL;
200 }
201 PSID pSID =
sd.GetCurrentACE_SID();
203 {
204 rConsole.
Write(
_T(
"\tInvalid SID.\n"));
205 }
206 else
207 {
208 DWORD dwSIDStringSize = 0;
214 {
220 rConsole.
Write(
_T(
"\nGetting string representation of SID\n"));
221 }
222 else
223 {
225 rConsole.
Write(pchSID);
227 }
228 delete[] pchSID;
229 DWORD dwNameBufferLength, dwDomainNameBufferLength;
230 dwNameBufferLength = 1024;
231 dwDomainNameBufferLength = 1024;
232 pchName =
new TCHAR [dwNameBufferLength];
233 pchDomainName =
new TCHAR [dwDomainNameBufferLength];
234 DWORD dwNameLength = dwNameBufferLength, dwDomainNameLength = dwDomainNameBufferLength;
237 {
242 }
243 else
244 {
245 rConsole.
Write(
_T(
"\tTrustee Domain: "));
246 rConsole.
Write(pchDomainName);
248 rConsole.
Write(
_T(
"\tTrustee Name: "));
249 rConsole.
Write(pchName);
250 rConsole.
Write(
_T(
"\n\tSID type: "));
253 }
254 delete [] pchName;
256 delete [] pchDomainName;
257 pchDomainName =
NULL;
258 }
259
261 sd.GetCurrentACE_Flags(bFlags);
265 {
266 rConsole.
Write(
_T(
"\t\tCONTAINER_INHERIT_ACE\n"));
267 }
269 {
270 rConsole.
Write(
_T(
"\t\tINHERIT_ONLY_ACE\n"));
271 }
273 {
274 rConsole.
Write(
_T(
"\t\tINHERITED_ACE\n"));
275 }
277 {
278 rConsole.
Write(
_T(
"\t\tNO_PROPAGATE_INHERIT_ACE\n"));
279 }
281 {
282 rConsole.
Write(
_T(
"\t\tOBJECT_INHERIT_ACE\n"));
283 }
284
286 sd.GetCurrentACE_AccessMask(dwAccessMask);
290 {
291 rConsole.
Write(
_T(
"\t\tGENERIC_READ\n"));
292 }
294 {
295 rConsole.
Write(
_T(
"\t\tGENERIC_WRITE\n"));
296 }
298 {
299 rConsole.
Write(
_T(
"\t\tGENERIC_EXECUTE\n"));
300 }
302 {
303 rConsole.
Write(
_T(
"\t\tGENERIC_ALL\n"));
304 }
306 {
307 rConsole.
Write(
_T(
"\t\tSYNCHRONIZE\n"));
308 }
310 {
311 rConsole.
Write(
_T(
"\t\tWRITE_OWNER\n"));
312 }
314 {
315 rConsole.
Write(
_T(
"\t\tWRITE_DAC\n"));
316 }
318 {
319 rConsole.
Write(
_T(
"\t\tREAD_CONTROL\n"));
320 }
321 if (dwAccessMask &
DELETE)
322 {
323 rConsole.
Write(
_T(
"\t\tDELETE\n"));
324 }
326 {
327 rConsole.
Write(
_T(
"\t\tKEY_CREATE_LINK\n"));
328 }
330 {
331 rConsole.
Write(
_T(
"\t\tKEY_NOTIFY\n"));
332 }
334 {
335 rConsole.
Write(
_T(
"\t\tKEY_ENUMERATE_SUB_KEYS\n"));
336 }
338 {
339 rConsole.
Write(
_T(
"\t\tKEY_CREATE_SUB_KEY\n"));
340 }
342 {
343 rConsole.
Write(
_T(
"\t\tKEY_SET_VALUE\n"));
344 }
346 {
347 rConsole.
Write(
_T(
"\t\tKEY_QUERY_VALUE\n"));
348 }
349 }
350 }
351 }
352 }
353AbortDumpDACL:
354 delete [] pSecurityDescriptor;
355 }
356 catch (
DWORD dwError)
357 {
362 if (pchName) delete [] pchName;
363 if (pchDomainName) delete [] pchDomainName;
364 if (pSecurityDescriptor) delete [] pSecurityDescriptor;
365 }
366
367 return 0;
368}
#define COMMAND_NA_ON_ROOT
const TCHAR * GetSidTypeName(SID_NAME_USE Use)
BOOL GetTextualSid(PSID pSid, LPTSTR TextualSid, LPDWORD lpdwBufferLen)
void ResetArgumentIteration()
TCHAR * GetNextArgument()
BOOL Write(const TCHAR *p, DWORD dwChars=0)
BOOL GetKey(const TCHAR *pchRelativePath, REGSAM DesiredAccess, CRegistryKey &rKey)
const TCHAR * GetLastErrorDescription()
virtual const TCHAR * GetHelpString()
#define ERROR_INSUFFICIENT_BUFFER
BOOL WINAPI IsValidSid(PSID pSid)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
_CRTIMP char *__cdecl _itoa(_In_ int _Value, _Pre_notnull_ _Post_z_ char *_Dest, _In_ int _Radix)
enum _SID_NAME_USE SID_NAME_USE
DWORD SECURITY_INFORMATION
#define KEY_CREATE_SUB_KEY
#define KEY_ENUMERATE_SUB_KEYS
DWORD WINAPI GetLastError(void)
#define CONTAINER_INHERIT_ACE
#define DACL_SECURITY_INFORMATION
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR
#define OBJECT_INHERIT_ACE
#define NO_PROPAGATE_INHERIT_ACE