ReactOS 0.4.15-dev-5893-g1bb4167
security.h
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS Win32k subsystem
3 * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4 * PURPOSE: Security infrastructure of NTUSER component of Win32k
5 * COPYRIGHT: Copyright 2022 George Bișoc <george.bisoc@reactos.org>
6 */
7
8#pragma once
9
10//
11// USER objects security rights
12//
13
14/* Desktop access rights */
15#define DESKTOP_READ (STANDARD_RIGHTS_READ | \
16 DESKTOP_ENUMERATE | \
17 DESKTOP_READOBJECTS)
18
19#define DESKTOP_WRITE (STANDARD_RIGHTS_WRITE | \
20 DESKTOP_CREATEMENU | \
21 DESKTOP_CREATEWINDOW | \
22 DESKTOP_HOOKCONTROL | \
23 DESKTOP_JOURNALPLAYBACK | \
24 DESKTOP_JOURNALRECORD | \
25 DESKTOP_WRITEOBJECTS)
26
27#define DESKTOP_EXECUTE (STANDARD_RIGHTS_EXECUTE | \
28 DESKTOP_SWITCHDESKTOP)
29
30#define DESKTOP_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
31 DESKTOP_CREATEMENU | \
32 DESKTOP_CREATEWINDOW | \
33 DESKTOP_ENUMERATE | \
34 DESKTOP_HOOKCONTROL | \
35 DESKTOP_JOURNALPLAYBACK | \
36 DESKTOP_JOURNALRECORD | \
37 DESKTOP_READOBJECTS | \
38 DESKTOP_SWITCHDESKTOP | \
39 DESKTOP_WRITEOBJECTS)
40
41/* Window Station access rights */
42#define WINSTA_READ (STANDARD_RIGHTS_READ | \
43 WINSTA_ENUMDESKTOPS | \
44 WINSTA_ENUMERATE | \
45 WINSTA_READATTRIBUTES | \
46 WINSTA_READSCREEN)
47
48#define WINSTA_WRITE (STANDARD_RIGHTS_WRITE | \
49 WINSTA_ACCESSCLIPBOARD | \
50 WINSTA_CREATEDESKTOP | \
51 WINSTA_WRITEATTRIBUTES)
52
53#define WINSTA_EXECUTE (STANDARD_RIGHTS_EXECUTE | \
54 WINSTA_ACCESSGLOBALATOMS | \
55 WINSTA_EXITWINDOWS)
56
57#define WINSTA_ACCESS_ALL (STANDARD_RIGHTS_REQUIRED | \
58 WINSTA_ACCESSCLIPBOARD | \
59 WINSTA_ACCESSGLOBALATOMS | \
60 WINSTA_CREATEDESKTOP | \
61 WINSTA_ENUMDESKTOPS | \
62 WINSTA_ENUMERATE | \
63 WINSTA_EXITWINDOWS | \
64 WINSTA_READATTRIBUTES | \
65 WINSTA_READSCREEN | \
66 WINSTA_WRITEATTRIBUTES)
67
68//
69// Function prototypes
70//
71
74
78
79VOID
82
85 _Out_ PTOKEN_USER *User);
86
93
97 _Out_ PSECURITY_DESCRIPTOR *ServiceSd);
98
99/* EOF */
LONG NTSTATUS
Definition: precomp.h:26
Definition: bufpool.h:45
#define _Out_
Definition: ms_sal.h:345
#define _In_
Definition: ms_sal.h:308
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
#define NTAPI
Definition: typedefs.h:36
ULONG_PTR SIZE_T
Definition: typedefs.h:80
NTSTATUS NTAPI IntAssignDesktopSecurityOnParse(_In_ PWINSTATION_OBJECT WinSta, _In_ PDESKTOP Desktop, _In_ PACCESS_STATE AccessState)
Assigns a security descriptor to the desktop object during a desktop object parse procedure.
Definition: security.c:264
NTSTATUS IntQueryUserSecurityIdentification(_Out_ PTOKEN_USER *User)
Queries the authenticated user security identifier (SID) that is associated with the security context...
Definition: security.c:169
HANDLE IntCaptureCurrentAccessToken(VOID)
PVOID IntAllocateSecurityBuffer(_In_ SIZE_T Length)
Allocates a buffer within UM (user mode) address space area. Such buffer is reserved for security pur...
Definition: security.c:97
NTSTATUS NTAPI IntCreateServiceSecurity(_Out_ PSECURITY_DESCRIPTOR *ServiceSd)
Creates a security descriptor for the service.
Definition: security.c:321
VOID IntFreeSecurityBuffer(_In_ PVOID Buffer)
Frees an allocated security buffer from UM memory that is been previously allocated by IntAllocateSec...
Definition: security.c:133
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417