ReactOS 0.4.15-dev-7906-g1b85a5f
CmSecurity.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS kernel-mode tests
3 * LICENSE: LGPLv2+ - See COPYING.LIB in the top level directory
4 * PURPOSE: Kernel-Mode Test Suite NPFS security test
5 * PROGRAMMER: Thomas Faber <thomas.faber@reactos.org>
6 */
7
8#include <kmt_test.h>
9#include "../ntos_se/se.h"
10
11#define CheckKeySecurity(name, AceCount, ...) CheckKeySecurity_(name, AceCount, __FILE__, __LINE__, ##__VA_ARGS__)
12#define CheckKeySecurity_(name, AceCount, file, line, ...) CheckKeySecurity__(name, AceCount, file ":" KMT_STRINGIZE(line), ##__VA_ARGS__)
13static
14VOID
15CheckKeySecurity__(
16 _In_ PCWSTR KeyName,
17 _In_ ULONG AceCount,
18 _In_ PCSTR FileAndLine,
19 ...)
20{
21 NTSTATUS Status;
22 UNICODE_STRING KeyNameString;
23 OBJECT_ATTRIBUTES ObjectAttributes;
24 HANDLE KeyHandle;
25 PSECURITY_DESCRIPTOR SecurityDescriptor;
26 ULONG SecurityDescriptorSize;
27 PSID Owner;
28 PSID Group;
29 PACL Dacl;
30 PACL Sacl;
31 BOOLEAN Present;
32 BOOLEAN Defaulted;
33 va_list Arguments;
34
35 RtlInitUnicodeString(&KeyNameString, KeyName);
36 InitializeObjectAttributes(&ObjectAttributes,
37 &KeyNameString,
38 OBJ_KERNEL_HANDLE,
39 NULL,
40 NULL);
41 Status = ZwOpenKey(&KeyHandle,
42 READ_CONTROL | ACCESS_SYSTEM_SECURITY,
43 &ObjectAttributes);
44 ok_eq_hex(Status, STATUS_SUCCESS);
45 if (skip(NT_SUCCESS(Status), "No key (%ls)\n", KeyName))
46 {
47 return;
48 }
49
50 Status = ZwQuerySecurityObject(KeyHandle,
51 OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION,
52 NULL,
53 0,
54 &SecurityDescriptorSize);
55 ok_eq_hex(Status, STATUS_BUFFER_TOO_SMALL);
56 if (skip(Status == STATUS_BUFFER_TOO_SMALL, "No security size (%ls)\n", KeyName))
57 {
58 ObCloseHandle(KeyHandle, KernelMode);
59 return;
60 }
61
62 SecurityDescriptor = ExAllocatePoolWithTag(PagedPool,
63 SecurityDescriptorSize,
64 'dSmK');
65 ok(SecurityDescriptor != NULL, "Failed to allocate %lu bytes\n", SecurityDescriptorSize);
66 if (skip(SecurityDescriptor != NULL, "No memory for descriptor (%ls)\n", KeyName))
67 {
68 ObCloseHandle(KeyHandle, KernelMode);
69 return;
70 }
71
72 Status = ZwQuerySecurityObject(KeyHandle,
73 OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION,
74 SecurityDescriptor,
75 SecurityDescriptorSize,
76 &SecurityDescriptorSize);
77 ok_eq_hex(Status, STATUS_SUCCESS);
78 if (NT_SUCCESS(Status))
79 {
80 Owner = NULL;
81 Status = RtlGetOwnerSecurityDescriptor(SecurityDescriptor,
82 &Owner,
83 &Defaulted);
84 CheckSid(Owner, NO_SIZE, SeExports->SeAliasAdminsSid);
85 ok(Defaulted == FALSE, "Owner defaulted for %ls\n", KeyName);
86
87 Group = NULL;
88 Status = RtlGetGroupSecurityDescriptor(SecurityDescriptor,
89 &Group,
90 &Defaulted);
91 CheckSid(Group, NO_SIZE, SeExports->SeLocalSystemSid);
92 ok(Defaulted == FALSE, "Group defaulted for %ls\n", KeyName);
93
94 Dacl = NULL;
95 Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor,
96 &Present,
97 &Dacl,
98 &Defaulted);
99 ok_eq_hex(Status, STATUS_SUCCESS);
100 ok(Present == TRUE, "DACL not present for %ls\n", KeyName);
101 ok(Defaulted == FALSE, "DACL defaulted for %ls\n", KeyName);
102 va_start(Arguments, FileAndLine);
103 VCheckAcl__(Dacl, AceCount, FileAndLine, Arguments);
104 va_end(Arguments);
105
106 Sacl = NULL;
107 Status = RtlGetSaclSecurityDescriptor(SecurityDescriptor,
108 &Present,
109 &Sacl,
110 &Defaulted);
111 ok_eq_hex(Status, STATUS_SUCCESS);
112 ok(Present == FALSE, "SACL present for %ls\n", KeyName);
113 ok(Defaulted == FALSE, "SACL defaulted for %ls\n", KeyName);
114 ok(Sacl == NULL, "Sacl is %p for %ls\n", Sacl, KeyName);
115 }
116 ExFreePoolWithTag(SecurityDescriptor, 'dSmK');
117 ObCloseHandle(KeyHandle, KernelMode);
118}
119
120START_TEST(CmSecurity)
121{
122 SID_IDENTIFIER_AUTHORITY NtSidAuthority = {SECURITY_NT_AUTHORITY};
123 PSID TerminalServerSid;
124
125 TerminalServerSid = ExAllocatePoolWithTag(PagedPool,
126 RtlLengthRequiredSid(1),
127 'iSmK');
128 if (TerminalServerSid != NULL)
129 {
130 RtlInitializeSid(TerminalServerSid, &NtSidAuthority, 1);
131 *RtlSubAuthoritySid(TerminalServerSid, 0) = SECURITY_TERMINAL_SERVER_RID;
132 }
133 CheckKeySecurity(L"\\REGISTRY",
134 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
135 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
136 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
137 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
138
139 CheckKeySecurity(L"\\REGISTRY\\MACHINE",
140 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
141 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
142 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
143 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
144
145 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\HARDWARE",
146 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
147 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
148 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
149 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
150
151 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SAM",
152 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
153 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
154 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
155 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
156
157 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SECURITY",
158 2, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
159 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, WRITE_DAC | READ_CONTROL);
160
161 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SOFTWARE",
162 12, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
163 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
164 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
165 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasPowerUsersSid, KEY_READ | KEY_WRITE | DELETE,
166 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
167 CONTAINER_INHERIT_ACE, SeExports->SeAliasPowerUsersSid, GENERIC_READ | GENERIC_WRITE | DELETE,
168 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
169 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
170 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
171 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
172 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
173 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
174 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
175 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
176 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL,
177 ACCESS_ALLOWED_ACE_TYPE, 0, TerminalServerSid, KEY_READ | KEY_WRITE | DELETE,
178 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
179 CONTAINER_INHERIT_ACE, TerminalServerSid, GENERIC_READ | GENERIC_WRITE | DELETE);
180
181 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SYSTEM",
182 10, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
183 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
184 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
185 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasPowerUsersSid, KEY_READ,
186 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
187 CONTAINER_INHERIT_ACE, SeExports->SeAliasPowerUsersSid, GENERIC_READ,
188 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
189 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
190 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
191 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
192 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
193 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
194 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
195 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
196 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
197
198 CheckKeySecurity(L"\\REGISTRY\\USER",
199 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
200 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
201 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
202 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
203
204 CheckKeySecurity(L"\\REGISTRY\\USER\\.DEFAULT",
205 10, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
206 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
207 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
208 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasPowerUsersSid, KEY_READ,
209 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
210 CONTAINER_INHERIT_ACE, SeExports->SeAliasPowerUsersSid, GENERIC_READ,
211 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
212 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
213 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
214 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
215 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
216 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
217 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
218 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
219 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
220
221 CheckKeySecurity(L"\\REGISTRY\\USER\\S-1-5-18",
222 10, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
223 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
224 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
225 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasPowerUsersSid, KEY_READ,
226 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
227 CONTAINER_INHERIT_ACE, SeExports->SeAliasPowerUsersSid, GENERIC_READ,
228 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
229 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
230 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
231 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
232 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
233 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
234 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
235 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
236 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
237
238 CheckKeySecurity(L"\\REGISTRY\\USER\\S-1-5-20",
239 8, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeNetworkServiceSid, KEY_ALL_ACCESS,
240 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
241 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
242 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeRestrictedSid, KEY_READ,
243 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
244 CONTAINER_INHERIT_ACE |
245 OBJECT_INHERIT_ACE, SeExports->SeNetworkServiceSid, GENERIC_ALL,
246 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
247 CONTAINER_INHERIT_ACE |
248 OBJECT_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
249 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
250 CONTAINER_INHERIT_ACE |
251 OBJECT_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
252 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
253 CONTAINER_INHERIT_ACE |
254 OBJECT_INHERIT_ACE, SeExports->SeRestrictedSid, GENERIC_READ);
255
256 if (TerminalServerSid != NULL)
257 {
258 ExFreePoolWithTag(TerminalServerSid, 'iSmK');
259 }
260}
CheckKeySecurity__
static VOID CheckKeySecurity__(_In_ PCWSTR KeyName, _In_ ULONG AceCount, _In_ PCSTR FileAndLine,...)
Definition: CmSecurity.c:15
CheckKeySecurity
#define CheckKeySecurity(name, AceCount,...)
Definition: CmSecurity.c:11
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
va_list
char * va_list
Definition: acmsvcex.h:78
va_end
#define va_end(ap)
Definition: acmsvcex.h:90
va_start
#define va_start(ap, A)
Definition: acmsvcex.h:91
ok_eq_hex
#define ok_eq_hex(value, expected)
Definition: apitest.h:77
ok
#define ok(value,...)
Definition: atltest.h:57
skip
#define skip(...)
Definition: atltest.h:64
START_TEST
#define START_TEST(x)
Definition: atltest.h:75
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
GENERIC_READ
#define GENERIC_READ
Definition: compat.h:135
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
PagedPool
#define PagedPool
Definition: env_spec_w32.h:308
Status
Status
Definition: gdiplustypes.h:25
OBJ_KERNEL_HANDLE
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
kmt_test.h
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
VCheckAcl__
VOID VCheckAcl__(_In_ PACL Acl, _In_ ULONG AceCount, _In_ PCSTR FileAndLine, _In_ va_list Arguments)
Definition: SeHelpers.c:128
NO_SIZE
#define NO_SIZE
Definition: se.h:29
CheckSid
#define CheckSid(Sid, SidSize, ExpectedSid)
Definition: se.h:31
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
_In_
#define _In_
Definition: ms_sal.h:308
KeyHandle
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
KernelMode
#define KernelMode
Definition: asm.h:34
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1593
Group
_In_opt_ PSID Group
Definition: rtlfuncs.h:1646
RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
Owner
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
Definition: rtlfuncs.h:1597
RtlGetSaclSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetSaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN SaclPresent, _Out_ PACL *Sacl, _Out_ PBOOLEAN SaclDefaulted)
Sacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL Sacl
Definition: rtlfuncs.h:1595
RtlGetDaclSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetDaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN DaclPresent, _Out_ PACL *Dacl, _Out_ PBOOLEAN DaclDefaulted)
WRITE_DAC
#define WRITE_DAC
Definition: nt_native.h:59
ACCESS_SYSTEM_SECURITY
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
DELETE
#define DELETE
Definition: nt_native.h:57
KEY_WRITE
#define KEY_WRITE
Definition: nt_native.h:1031
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
RtlGetGroupSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetGroupSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Group, OUT PBOOLEAN GroupDefaulted)
Definition: sd.c:280
RtlGetOwnerSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetOwnerSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Owner, OUT PBOOLEAN OwnerDefaulted)
Definition: sd.c:257
RtlInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
L
#define L(x)
Definition: ntvdm.h:50
ObCloseHandle
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
Definition: obhandle.c:3379
NtSidAuthority
static SID_IDENTIFIER_AUTHORITY NtSidAuthority
Definition: samrpc.c:14
SeExports
PSE_EXPORTS SeExports
Definition: semgr.c:21
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_ACL
Definition: ms-dtyp.idl:293
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SE_EXPORTS::SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: setypes.h:1229
_SE_EXPORTS::SeAliasUsersSid
PSID SeAliasUsersSid
Definition: setypes.h:1230
_SE_EXPORTS::SeCreatorOwnerSid
PSID SeCreatorOwnerSid
Definition: setypes.h:1221
_SE_EXPORTS::SeRestrictedSid
PSID SeRestrictedSid
Definition: setypes.h:1238
_SE_EXPORTS::SeNetworkServiceSid
PSID SeNetworkServiceSid
Definition: setypes.h:1244
_SE_EXPORTS::SeWorldSid
PSID SeWorldSid
Definition: setypes.h:1219
_SE_EXPORTS::SeAliasPowerUsersSid
PSID SeAliasPowerUsersSid
Definition: setypes.h:1232
_SE_EXPORTS::SeLocalSystemSid
PSID SeLocalSystemSid
Definition: setypes.h:1228
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
_SID
Definition: ms-dtyp.idl:198
_UNICODE_STRING
Definition: env_spec_w32.h:368
PCWSTR
const uint16_t * PCWSTR
Definition: typedefs.h:57
PCSTR
const char * PCSTR
Definition: typedefs.h:52
ULONG
uint32_t ULONG
Definition: typedefs.h:59
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2699
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
ACCESS_ALLOWED_ACE_TYPE
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:717
OWNER_SECURITY_INFORMATION
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
SECURITY_TERMINAL_SERVER_RID
#define SECURITY_TERMINAL_SERVER_RID
Definition: setypes.h:570
GROUP_SECURITY_INFORMATION
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
SACL_SECURITY_INFORMATION
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126