Include dependency graph for security.c:
Go to the source code of this file.
Macros | |
| #define | NDEBUG |
Macro Definition Documentation
◆ NDEBUG
| #define NDEBUG |
Definition at line 12 of file security.c.
Function Documentation
◆ RtlConvertToAutoInheritSecurityObject()
| NTSTATUS NTAPI RtlConvertToAutoInheritSecurityObject | ( | IN PSECURITY_DESCRIPTOR | ParentDescriptor, |
| IN PSECURITY_DESCRIPTOR | CreatorDescriptor, | ||
| OUT PSECURITY_DESCRIPTOR * | NewDescriptor, | ||
| IN LPGUID | ObjectType, | ||
| IN BOOLEAN | IsDirectoryObject, | ||
| IN PGENERIC_MAPPING | GenericMapping | ||
| ) |
Definition at line 798 of file security.c.
804{
805 /* Call the internal API */
807 CreatorDescriptor,
808 NewDescriptor,
809 ObjectType,
810 IsDirectoryObject,
811 GenericMapping);
812}
NTSTATUS NTAPI RtlpConvertToAutoInheritSecurityObject(IN PSECURITY_DESCRIPTOR ParentDescriptor, IN PSECURITY_DESCRIPTOR CreatorDescriptor, OUT PSECURITY_DESCRIPTOR *NewDescriptor, IN LPGUID ObjectType, IN BOOLEAN IsDirectoryObject, IN PGENERIC_MAPPING GenericMapping)
Definition: security.c:220
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN IsDirectoryObject
Definition: sefuncs.h:31
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR * NewDescriptor
Definition: sefuncs.h:30
◆ RtlCreateAndSetSD()
| NTSTATUS NTAPI RtlCreateAndSetSD | ( | IN PRTL_ACE_DATA | AceData, |
| IN ULONG | AceCount, | ||
| IN PSID OwnerSid | OPTIONAL, | ||
| IN PSID GroupSid | OPTIONAL, | ||
| OUT PSECURITY_DESCRIPTOR * | NewDescriptor | ||
| ) |
Definition at line 394 of file security.c.
Referenced by RtlCreateUserSecurityObject().
◆ RtlCreateUserSecurityObject()
| NTSTATUS NTAPI RtlCreateUserSecurityObject | ( | IN PRTL_ACE_DATA | AceData, |
| IN ULONG | AceCount, | ||
| IN PSID | OwnerSid, | ||
| IN PSID | GroupSid, | ||
| IN BOOLEAN | IsDirectoryObject, | ||
| IN PGENERIC_MAPPING | GenericMapping, | ||
| OUT PSECURITY_DESCRIPTOR * | NewDescriptor | ||
| ) |
Definition at line 559 of file security.c.
566{
568 PSECURITY_DESCRIPTOR Sd;
571
572 /* Create the security descriptor based on the ACE Data */
574 AceCount,
575 OwnerSid,
576 GroupSid,
577 &Sd);
579
580 /* Open the process token */
583
584 /* Create the security object */
586 Sd,
587 NewDescriptor,
588 IsDirectoryObject,
589 TokenHandle,
590 GenericMapping);
591
592 /* We're done, close the token handle */
594
595Quickie:
596 /* Free the SD and return status */
597 RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);
599}
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:634
Definition: nsiface.idl:2307
NTSYSAPI NTSTATUS NTAPI RtlNewSecurityObject(_In_ PSECURITY_DESCRIPTOR ParentDescriptor, _In_ PSECURITY_DESCRIPTOR CreatorDescriptor, _Out_ PSECURITY_DESCRIPTOR *NewDescriptor, _In_ BOOLEAN IsDirectoryObject, _In_ HANDLE Token, _In_ PGENERIC_MAPPING GenericMapping)
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
Definition: security.c:350
NTSTATUS NTAPI RtlCreateAndSetSD(IN PRTL_ACE_DATA AceData, IN ULONG AceCount, IN PSID OwnerSid OPTIONAL, IN PSID GroupSid OPTIONAL, OUT PSECURITY_DESCRIPTOR *NewDescriptor)
Definition: security.c:394
Definition: ms-dtyp.idl:301
◆ RtlDefaultNpAcl()
Definition at line 238 of file security.c.
239{
242 PTOKEN_OWNER OwnerSid;
244 ULONG AclSize;
247
249
250 /*
251 * Temporary buffer large enough to hold a maximum of two SIDs.
252 * An alternative is to call RtlAllocateAndInitializeSid many times...
253 */
257
259
260 /* Initialize the user ACL pointer */
261 *pAcl = NULL;
262
263 /*
264 * Try to retrieve the SID of the current owner. For that,
265 * we first attempt to get the current thread level token.
266 */
268 TOKEN_QUERY,
269 TRUE,
270 &TokenHandle);
272 {
273 /*
274 * No thread level token, so use the process level token.
275 * This is the common case since the only time a thread
276 * has a token is when it is impersonating.
277 */
279 TOKEN_QUERY,
280 &TokenHandle);
281 }
282 /* Fail if we didn't succeed in retrieving a handle to the token */
284
285 /*
286 * Retrieve the owner SID from the token.
287 */
288
289 /* Query the needed size... */
291 TokenOwner,
292 NULL, 0,
293 &ReturnLength);
294 /* ... so that we must fail with STATUS_BUFFER_TOO_SMALL error */
296
297 /* Allocate space for the owner SID */
300 {
302 goto Cleanup1;
303 }
304
305 /* Retrieve the owner SID; we must succeed */
307 TokenOwner,
308 OwnerSid,
309 ReturnLength,
310 &ReturnLength);
312
313 /*
314 * Allocate one ACL with 5 ACEs.
315 */
323
324 *pAcl = RtlAllocateHeap(RtlGetProcessHeap(), 0, AclSize);
326 {
328 goto Cleanup2;
329 }
330
331 /*
332 * Build the ACL and add the five ACEs.
333 */
336
337 /* Local System SID - Generic All */
343
344 /* Administrators SID - Generic All */
351
352 /* Owner SID - Generic All */
355
356 /* Anonymous SID - Generic Read */
362
363 /* World SID - Generic Read */
369
370 /* If some problem happened, cleanup everything */
372 {
373 RtlFreeHeap(RtlGetProcessHeap(), 0, *pAcl);
374 *pAcl = NULL;
375 }
376
377Cleanup2:
378 /* Get rid of the owner SID */
379 RtlFreeHeap(RtlGetProcessHeap(), 0, OwnerSid);
380
381Cleanup1:
382 /* Close the token handle */
384
385 /* Done */
387}
_In_ PVOID _In_ ULONG _Out_ PVOID _In_ ULONG _Inout_ PULONG ReturnLength
Definition: KdSystemDebugControl.c:34
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:616
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
struct _ACL ACL
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2475
Definition: ms-dtyp.idl:215
Definition: rtltypes.h:987
Definition: ms-dtyp.idl:194
Definition: ms-dtyp.idl:198
Definition: setypes.h:1039
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: tokencls.c:473
◆ RtlDeleteSecurityObject()
| NTSTATUS NTAPI RtlDeleteSecurityObject | ( | IN PSECURITY_DESCRIPTOR * | ObjectDescriptor | ) |
Definition at line 409 of file security.c.
410{
412
413 /* Free the object from the heap */
414 RtlFreeHeap(RtlGetProcessHeap(), 0, *ObjectDescriptor);
416}
◆ RtlFlushSecureMemoryCache()
Definition at line 830 of file security.c.
Referenced by RtlpSecMemFreeVirtualMemory(), and UnmapViewOfFile().
◆ RtlNewInstanceSecurityObject()
| NTSTATUS NTAPI RtlNewInstanceSecurityObject | ( | IN BOOLEAN | ParentDescriptorChanged, |
| IN BOOLEAN | CreatorDescriptorChanged, | ||
| IN PLUID | OldClientTokenModifiedId, | ||
| OUT PLUID | NewClientTokenModifiedId, | ||
| IN PSECURITY_DESCRIPTOR | ParentDescriptor, | ||
| IN PSECURITY_DESCRIPTOR | CreatorDescriptor, | ||
| OUT PSECURITY_DESCRIPTOR * | NewDescriptor, | ||
| IN BOOLEAN | IsDirectoryObject, | ||
| IN HANDLE | Token, | ||
| IN PGENERIC_MAPPING | GenericMapping | ||
| ) |
Definition at line 506 of file security.c.
516{
517 TOKEN_STATISTICS TokenStats;
521
522 /* Query the token statistics */
524 TokenStatistics,
525 &TokenStats,
526 sizeof(TokenStats),
527 &Size);
529
530 /* Return the LUID */
531 *NewClientTokenModifiedId = TokenStats.ModifiedId;
532
533 /* Check if the LUID changed */
535 {
536 /* Did nothing change? */
537 if (!(ParentDescriptorChanged) && !(CreatorDescriptorChanged))
538 {
539 /* There's no new descriptor, we're done */
542 }
543 }
544
545 /* Call the standard API */
547 CreatorDescriptor,
548 NewDescriptor,
549 IsDirectoryObject,
550 Token,
551 GenericMapping);
552}
Definition: tokenizer.hpp:28
Definition: setypes.h:1097
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4539
◆ RtlNewSecurityGrantedAccess()
| NTSTATUS NTAPI RtlNewSecurityGrantedAccess | ( | IN ACCESS_MASK | DesiredAccess, |
| OUT PPRIVILEGE_SET | Privileges, | ||
| IN OUT PULONG | Length, | ||
| IN HANDLE | Token, | ||
| IN PGENERIC_MAPPING | GenericMapping, | ||
| OUT PACCESS_MASK | RemainingDesiredAccess | ||
| ) |
Definition at line 606 of file security.c.
612{
614 BOOLEAN Granted, CallerToken;
615 TOKEN_STATISTICS TokenStats;
618
619 /* Has the caller passed a token? */
621 {
622 /* Remember that we'll have to close the handle */
623 CallerToken = FALSE;
624
625 /* Nope, open it */
628 }
629 else
630 {
631 /* Yep, use it */
632 CallerToken = TRUE;
633 }
634
635 /* Get information on the token */
637 TokenStatistics,
638 &TokenStats,
639 sizeof(TokenStats),
640 &Size);
642
643 /* Windows doesn't do anything with the token statistics! */
644
645 /* Map the access and return it back decoded */
647 *RemainingDesiredAccess = DesiredAccess;
648
649 /* Check if one of the rights requested was the SACL right */
651 {
652 /* Pretend that it's allowed FIXME: Do privilege check */
654 Granted = TRUE;
655 *RemainingDesiredAccess &= ~ACCESS_SYSTEM_SECURITY;
656 }
657 else
658 {
659 /* Nothing to grant */
660 Granted = FALSE;
661 }
662
663 /* If the caller did not pass in a token, close the handle to ours */
665
666 /* We need space to return only 1 privilege -- already part of the struct */
669 {
670 /* Tell the caller how much space we need and fail */
673 }
674
675 /* Check if the SACL right was granted */
677 if (Granted)
678 {
679 /* Yes, return it in the structure */
680 Privileges->PrivilegeCount = 1;
682 Privileges->Privilege[0].Luid.HighPart = 0;
684 }
685
686 /* All done */
688}
NTSYSAPI VOID NTAPI RtlMapGenericMask(PACCESS_MASK AccessMask, PGENERIC_MAPPING GenericMapping)
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2664
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
struct _PRIVILEGE_SET PRIVILEGE_SET
◆ RtlNewSecurityObject()
| NTSTATUS NTAPI RtlNewSecurityObject | ( | IN PSECURITY_DESCRIPTOR | ParentDescriptor, |
| IN PSECURITY_DESCRIPTOR | CreatorDescriptor, | ||
| OUT PSECURITY_DESCRIPTOR * | NewDescriptor, | ||
| IN BOOLEAN | IsDirectoryObject, | ||
| IN HANDLE | Token, | ||
| IN PGENERIC_MAPPING | GenericMapping | ||
| ) |
Definition at line 423 of file security.c.
429{
431
432 /* Call the internal API */
434 CreatorDescriptor,
435 NewDescriptor,
436 NULL,
437 0,
438 IsDirectoryObject,
439 0,
440 Token,
441 GenericMapping);
442}
NTSTATUS NTAPI RtlpNewSecurityObject(IN PSECURITY_DESCRIPTOR ParentDescriptor, IN PSECURITY_DESCRIPTOR CreatorDescriptor, OUT PSECURITY_DESCRIPTOR *NewDescriptor, IN LPGUID *ObjectTypes, IN ULONG GuidCount, IN BOOLEAN IsDirectoryObject, IN ULONG AutoInheritFlags, IN HANDLE Token, IN PGENERIC_MAPPING GenericMapping)
Definition: security.c:204
◆ RtlNewSecurityObjectEx()
| NTSTATUS NTAPI RtlNewSecurityObjectEx | ( | IN PSECURITY_DESCRIPTOR | ParentDescriptor, |
| IN PSECURITY_DESCRIPTOR | CreatorDescriptor, | ||
| OUT PSECURITY_DESCRIPTOR * | NewDescriptor, | ||
| IN LPGUID | ObjectType, | ||
| IN BOOLEAN | IsDirectoryObject, | ||
| IN ULONG | AutoInheritFlags, | ||
| IN HANDLE | Token, | ||
| IN PGENERIC_MAPPING | GenericMapping | ||
| ) |
Definition at line 449 of file security.c.
457{
459
460 /* Call the internal API */
462 CreatorDescriptor,
463 NewDescriptor,
465 ObjectType ? 1 : 0,
466 IsDirectoryObject,
467 AutoInheritFlags,
468 Token,
469 GenericMapping);
470}
◆ RtlNewSecurityObjectWithMultipleInheritance()
| NTSTATUS NTAPI RtlNewSecurityObjectWithMultipleInheritance | ( | IN PSECURITY_DESCRIPTOR | ParentDescriptor, |
| IN PSECURITY_DESCRIPTOR | CreatorDescriptor, | ||
| OUT PSECURITY_DESCRIPTOR * | NewDescriptor, | ||
| IN LPGUID * | ObjectTypes, | ||
| IN ULONG | GuidCount, | ||
| IN BOOLEAN | IsDirectoryObject, | ||
| IN ULONG | AutoInheritFlags, | ||
| IN HANDLE | Token, | ||
| IN PGENERIC_MAPPING | GenericMapping | ||
| ) |
Definition at line 477 of file security.c.
486{
488
489 /* Call the internal API */
491 CreatorDescriptor,
492 NewDescriptor,
493 ObjectTypes,
494 GuidCount,
495 IsDirectoryObject,
496 AutoInheritFlags,
497 Token,
498 GenericMapping);
499}
◆ RtlpConvertToAutoInheritSecurityObject()
| NTSTATUS NTAPI RtlpConvertToAutoInheritSecurityObject | ( | IN PSECURITY_DESCRIPTOR | ParentDescriptor, |
| IN PSECURITY_DESCRIPTOR | CreatorDescriptor, | ||
| OUT PSECURITY_DESCRIPTOR * | NewDescriptor, | ||
| IN LPGUID | ObjectType, | ||
| IN BOOLEAN | IsDirectoryObject, | ||
| IN PGENERIC_MAPPING | GenericMapping | ||
| ) |
Definition at line 220 of file security.c.
Referenced by RtlConvertToAutoInheritSecurityObject().
◆ RtlpNewSecurityObject()
| NTSTATUS NTAPI RtlpNewSecurityObject | ( | IN PSECURITY_DESCRIPTOR | ParentDescriptor, |
| IN PSECURITY_DESCRIPTOR | CreatorDescriptor, | ||
| OUT PSECURITY_DESCRIPTOR * | NewDescriptor, | ||
| IN LPGUID * | ObjectTypes, | ||
| IN ULONG | GuidCount, | ||
| IN BOOLEAN | IsDirectoryObject, | ||
| IN ULONG | AutoInheritFlags, | ||
| IN HANDLE | Token, | ||
| IN PGENERIC_MAPPING | GenericMapping | ||
| ) |
Definition at line 204 of file security.c.
Referenced by RtlNewSecurityObject(), RtlNewSecurityObjectEx(), and RtlNewSecurityObjectWithMultipleInheritance().
◆ RtlpSetSecurityObject()
| NTSTATUS NTAPI RtlpSetSecurityObject | ( | IN PVOID Object | OPTIONAL, |
| IN SECURITY_INFORMATION | SecurityInformation, | ||
| IN PSECURITY_DESCRIPTOR | ModificationDescriptor, | ||
| IN OUT PSECURITY_DESCRIPTOR * | ObjectsSecurityDescriptor, | ||
| IN ULONG | AutoInheritFlags, | ||
| IN ULONG | PoolType, | ||
| IN PGENERIC_MAPPING | GenericMapping, | ||
| IN HANDLE Token | OPTIONAL | ||
| ) |
Definition at line 19 of file security.c.
27{
33 BOOLEAN Defaulted;
34 BOOLEAN Present;
35 ULONG ulOwnerSidSize = 0, ulGroupSidSize = 0;
36 ULONG ulDaclSize = 0, ulSaclSize = 0;
37 ULONG ulNewSdSize;
39 PUCHAR pDest;
41
43
44 /* Change the Owner SID */
46 {
50 }
51 else
52 {
56 }
57
60
61 ulOwnerSidSize = RtlLengthSid(pOwnerSid);
62
63 /* Change the Group SID */
65 {
69 }
70 else
71 {
75 }
76
79
81
82 /* Change the DACL */
84 {
88
90 }
91 else
92 {
96
97 if (Present)
99
100 if (Defaulted)
102 }
103
105 ulDaclSize = pDacl->AclSize;
106
107 /* Change the SACL */
109 {
113
115 }
116 else
117 {
118 Status = RtlGetSaclSecurityDescriptor(*ObjectsSecurityDescriptor, &Present, &pSacl, &Defaulted);
121
122 if (Present)
124
125 if (Defaulted)
127 }
128
130 ulSaclSize = pSacl->AclSize;
131
132 /* Calculate the size of the new security descriptor */
138
139 /* Allocate the new security descriptor */
140 pNewSd = RtlAllocateHeap(RtlGetProcessHeap(), 0, ulNewSdSize);
142 {
145 goto done;
146 }
147
148 /* Initialize the new security descriptor */
151 {
153 goto done;
154 }
155
156 /* Set the security descriptor control flags */
158
160
161 /* Copy the SACL */
163 {
164 RtlCopyMemory(pDest, pSacl, ulSaclSize);
167 }
168
169 /* Copy the DACL */
171 {
172 RtlCopyMemory(pDest, pDacl, ulDaclSize);
175 }
176
177 /* Copy the Owner SID */
178 RtlCopyMemory(pDest, pOwnerSid, ulOwnerSidSize);
181
182 /* Copy the Group SID */
183 RtlCopyMemory(pDest, pGroupSid, ulGroupSidSize);
185
186 /* Free the old security descriptor */
188
189 /* Return the new security descriptor */
190 *ObjectsSecurityDescriptor = (PSECURITY_DESCRIPTOR)pNewSd;
191
192done:
194 {
196 RtlFreeHeap(RtlGetProcessHeap(), 0, pNewSd);
197 }
198
200}
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340
NTSYSAPI NTSTATUS NTAPI RtlGetSaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN SaclPresent, _Out_ PACL *Sacl, _Out_ PBOOLEAN SaclDefaulted)
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptorRelative(_Out_ PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS NTAPI RtlGetDaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN DaclPresent, _Out_ PACL *Dacl, _Out_ PBOOLEAN DaclDefaulted)
NTSYSAPI NTSTATUS NTAPI RtlGetGroupSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Group, OUT PBOOLEAN GroupDefaulted)
Definition: sd.c:280
NTSYSAPI NTSTATUS NTAPI RtlGetOwnerSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Owner, OUT PBOOLEAN OwnerDefaulted)
Definition: sd.c:257
Definition: ms-dtyp.idl:293
Definition: setypes.h:848
struct _SECURITY_DESCRIPTOR_RELATIVE SECURITY_DESCRIPTOR_RELATIVE
Referenced by RtlSetSecurityObject(), and RtlSetSecurityObjectEx().
◆ RtlQuerySecurityObject()
| NTSTATUS NTAPI RtlQuerySecurityObject | ( | IN PSECURITY_DESCRIPTOR | ObjectDescriptor, |
| IN SECURITY_INFORMATION | SecurityInformation, | ||
| OUT PSECURITY_DESCRIPTOR | ResultantDescriptor, | ||
| IN ULONG | DescriptorLength, | ||
| OUT PULONG | ReturnLength | ||
| ) |
Definition at line 695 of file security.c.
700{
703 BOOLEAN defaulted, present;
704 PACL pacl;
705 PSID psid;
706
709
711 {
716 }
717
719 {
724 }
725
727 {
732 }
733
735 {
740 }
741
742 *ReturnLength = DescriptorLength;
744}
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
NTSYSAPI NTSTATUS NTAPI RtlSetSaclSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN SaclPresent, IN PACL Sacl, IN BOOLEAN SaclDefaulted)
Definition: sd.c:342
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
◆ RtlRegisterSecureMemoryCacheCallback()
| NTSTATUS NTAPI RtlRegisterSecureMemoryCacheCallback | ( | IN PRTL_SECURE_MEMORY_CACHE_CALLBACK | Callback | ) |
Definition at line 819 of file security.c.
◆ RtlSetSecurityObject()
| NTSTATUS NTAPI RtlSetSecurityObject | ( | IN SECURITY_INFORMATION | SecurityInformation, |
| IN PSECURITY_DESCRIPTOR | ModificationDescriptor, | ||
| IN OUT PSECURITY_DESCRIPTOR * | ObjectsSecurityDescriptor, | ||
| IN PGENERIC_MAPPING | GenericMapping, | ||
| IN HANDLE Token | OPTIONAL | ||
| ) |
Definition at line 752 of file security.c.
757{
758 /* Call the internal API */
760 SecurityInformation,
761 ModificationDescriptor,
762 ObjectsSecurityDescriptor,
763 0,
764 PagedPool,
765 GenericMapping,
766 Token);
767}
NTSTATUS NTAPI RtlpSetSecurityObject(IN PVOID Object OPTIONAL, IN SECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR ModificationDescriptor, IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, IN ULONG AutoInheritFlags, IN ULONG PoolType, IN PGENERIC_MAPPING GenericMapping, IN HANDLE Token OPTIONAL)
Definition: security.c:19
◆ RtlSetSecurityObjectEx()
| NTSTATUS NTAPI RtlSetSecurityObjectEx | ( | IN SECURITY_INFORMATION | SecurityInformation, |
| IN PSECURITY_DESCRIPTOR | ModificationDescriptor, | ||
| IN OUT PSECURITY_DESCRIPTOR * | ObjectsSecurityDescriptor, | ||
| IN ULONG | AutoInheritFlags, | ||
| IN PGENERIC_MAPPING | GenericMapping, | ||
| IN HANDLE Token | OPTIONAL | ||
| ) |
Definition at line 774 of file security.c.
780{
781 /* Call the internal API */
783 SecurityInformation,
784 ModificationDescriptor,
785 ObjectsSecurityDescriptor,
786 AutoInheritFlags,
787 PagedPool,
788 GenericMapping,
789 Token);
790
791}
