ReactOS 0.4.16-dev-1946-g52006dd
CmSecurity.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS kernel-mode tests
3 * LICENSE: LGPLv2+ - See COPYING.LIB in the top level directory
4 * PURPOSE: Kernel-Mode Test Suite NPFS security test
5 * PROGRAMMER: Thomas Faber <thomas.faber@reactos.org>
6 */
7
8#include <kmt_test.h>
9#include "../ntos_se/se.h"
10
11#define CheckKeySecurity(name, AceCount, ...) CheckKeySecurity_(name, AceCount, __FILE__, __LINE__, ##__VA_ARGS__)
12#define CheckKeySecurity_(name, AceCount, file, line, ...) CheckKeySecurity__(name, AceCount, file ":" KMT_STRINGIZE(line), ##__VA_ARGS__)
13static
14VOID
15CheckKeySecurity__(
16 _In_ PCWSTR KeyName,
17 _In_ ULONG AceCount,
18 _In_ PCSTR FileAndLine,
19 ...)
20{
21 NTSTATUS Status;
22 UNICODE_STRING KeyNameString;
23 OBJECT_ATTRIBUTES ObjectAttributes;
24 HANDLE KeyHandle;
25 PSECURITY_DESCRIPTOR SecurityDescriptor;
26 ULONG SecurityDescriptorSize;
27 PSID Owner;
28 PSID Group;
29 PACL Dacl;
30 PACL Sacl;
31 BOOLEAN Present;
32 BOOLEAN Defaulted;
33 va_list Arguments;
34
35 RtlInitUnicodeString(&KeyNameString, KeyName);
36 InitializeObjectAttributes(&ObjectAttributes,
37 &KeyNameString,
38 OBJ_KERNEL_HANDLE,
39 NULL,
40 NULL);
41 Status = ZwOpenKey(&KeyHandle,
42 READ_CONTROL | ACCESS_SYSTEM_SECURITY,
43 &ObjectAttributes);
44 ok_eq_hex(Status, STATUS_SUCCESS);
45 if (skip(NT_SUCCESS(Status), "No key (%ls)\n", KeyName))
46 {
47 return;
48 }
49
50 Status = ZwQuerySecurityObject(KeyHandle,
51 OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION,
52 NULL,
53 0,
54 &SecurityDescriptorSize);
55 ok_eq_hex(Status, STATUS_BUFFER_TOO_SMALL);
56 if (skip(Status == STATUS_BUFFER_TOO_SMALL, "No security size (%ls)\n", KeyName))
57 {
58 ObCloseHandle(KeyHandle, KernelMode);
59 return;
60 }
61
62 SecurityDescriptor = ExAllocatePoolWithTag(PagedPool,
63 SecurityDescriptorSize,
64 'dSmK');
65 ok(SecurityDescriptor != NULL, "Failed to allocate %lu bytes\n", SecurityDescriptorSize);
66 if (skip(SecurityDescriptor != NULL, "No memory for descriptor (%ls)\n", KeyName))
67 {
68 ObCloseHandle(KeyHandle, KernelMode);
69 return;
70 }
71
72 Status = ZwQuerySecurityObject(KeyHandle,
73 OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION,
74 SecurityDescriptor,
75 SecurityDescriptorSize,
76 &SecurityDescriptorSize);
77 ok_eq_hex(Status, STATUS_SUCCESS);
78 if (NT_SUCCESS(Status))
79 {
80 Owner = NULL;
81 Status = RtlGetOwnerSecurityDescriptor(SecurityDescriptor,
82 &Owner,
83 &Defaulted);
84 CheckSid(Owner, NO_SIZE, SeExports->SeAliasAdminsSid);
85 ok(Defaulted == FALSE, "Owner defaulted for %ls\n", KeyName);
86
87 Group = NULL;
88 Status = RtlGetGroupSecurityDescriptor(SecurityDescriptor,
89 &Group,
90 &Defaulted);
91 CheckSid(Group, NO_SIZE, SeExports->SeLocalSystemSid);
92 ok(Defaulted == FALSE, "Group defaulted for %ls\n", KeyName);
93
94 Dacl = NULL;
95 Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor,
96 &Present,
97 &Dacl,
98 &Defaulted);
99 ok_eq_hex(Status, STATUS_SUCCESS);
100 ok(Present == TRUE, "DACL not present for %ls\n", KeyName);
101 ok(Defaulted == FALSE, "DACL defaulted for %ls\n", KeyName);
102 va_start(Arguments, FileAndLine);
103 VCheckAcl__(Dacl, AceCount, FileAndLine, Arguments);
104 va_end(Arguments);
105
106 /* Windows 8+ has SACLs for:
107 * \REGISTRY\MACHINE\SAM
108 * \REGISTRY\MACHINE\SECURITY
109 * \REGISTRY\MACHINE\SOFTWARE
110 * \REGISTRY\MACHINE\SYSTEM
111 * \REGISTRY\USER\.DEFAULT
112 * \REGISTRY\USER\S-1-5-18
113 * \REGISTRY\USER\S-1-5-20
114 *
115 * TODO: Investigate these SACLs and test accordingly.
116 */
117 if (GetNTVersion() < _WIN32_WINNT_WIN8)
118 {
119 Sacl = NULL;
120 Status = RtlGetSaclSecurityDescriptor(SecurityDescriptor,
121 &Present,
122 &Sacl,
123 &Defaulted);
124 ok_eq_hex(Status, STATUS_SUCCESS);
125 ok(Present == FALSE, "SACL present for %ls\n", KeyName);
126 ok(Defaulted == FALSE, "SACL defaulted for %ls\n", KeyName);
127 ok(Sacl == NULL, "Sacl is %p for %ls\n", Sacl, KeyName);
128 }
129 }
130 ExFreePoolWithTag(SecurityDescriptor, 'dSmK');
131 ObCloseHandle(KeyHandle, KernelMode);
132}
133
134static void CmSecurity_WS03(PSID TerminalServerSid)
135{
136 CheckKeySecurity(L"\\REGISTRY",
137 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
138 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
139 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
140 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
141
142 CheckKeySecurity(L"\\REGISTRY\\MACHINE",
143 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
144 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
145 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
146 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
147
148 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\HARDWARE",
149 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
150 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
151 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
152 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
153
154 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SAM",
155 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
156 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
157 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
158 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
159
160 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SECURITY",
161 2, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
162 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, WRITE_DAC | READ_CONTROL);
163
164 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SOFTWARE",
165 12, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
166 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
167 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
168 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasPowerUsersSid, KEY_READ | KEY_WRITE | DELETE,
169 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
170 CONTAINER_INHERIT_ACE, SeExports->SeAliasPowerUsersSid, GENERIC_READ | GENERIC_WRITE | DELETE,
171 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
172 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
173 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
174 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
175 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
176 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
177 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
178 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
179 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL,
180 ACCESS_ALLOWED_ACE_TYPE, 0, TerminalServerSid, KEY_READ | KEY_WRITE | DELETE,
181 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
182 CONTAINER_INHERIT_ACE, TerminalServerSid, GENERIC_READ | GENERIC_WRITE | DELETE);
183
184 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SYSTEM",
185 10, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
186 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
187 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
188 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasPowerUsersSid, KEY_READ,
189 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
190 CONTAINER_INHERIT_ACE, SeExports->SeAliasPowerUsersSid, GENERIC_READ,
191 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
192 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
193 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
194 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
195 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
196 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
197 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
198 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
199 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
200
201 CheckKeySecurity(L"\\REGISTRY\\USER",
202 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
203 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
204 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
205 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
206
207 CheckKeySecurity(L"\\REGISTRY\\USER\\.DEFAULT",
208 10, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
209 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
210 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
211 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasPowerUsersSid, KEY_READ,
212 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
213 CONTAINER_INHERIT_ACE, SeExports->SeAliasPowerUsersSid, GENERIC_READ,
214 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
215 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
216 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
217 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
218 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
219 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
220 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
221 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
222 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
223
224 CheckKeySecurity(L"\\REGISTRY\\USER\\S-1-5-18",
225 10, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
226 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
227 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
228 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasPowerUsersSid, KEY_READ,
229 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
230 CONTAINER_INHERIT_ACE, SeExports->SeAliasPowerUsersSid, GENERIC_READ,
231 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
232 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
233 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
234 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
235 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
236 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
237 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
238 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
239 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
240
241 CheckKeySecurity(L"\\REGISTRY\\USER\\S-1-5-20",
242 8, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeNetworkServiceSid, KEY_ALL_ACCESS,
243 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
244 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
245 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeRestrictedSid, KEY_READ,
246 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
247 CONTAINER_INHERIT_ACE |
248 OBJECT_INHERIT_ACE, SeExports->SeNetworkServiceSid, GENERIC_ALL,
249 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
250 CONTAINER_INHERIT_ACE |
251 OBJECT_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
252 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
253 CONTAINER_INHERIT_ACE |
254 OBJECT_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
255 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
256 CONTAINER_INHERIT_ACE |
257 OBJECT_INHERIT_ACE, SeExports->SeRestrictedSid, GENERIC_READ);
258}
259
260static void CmSecurity_Vista(PSID TerminalServerSid)
261{
262 CheckKeySecurity(L"\\REGISTRY",
263 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
264 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
265 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
266 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
267
268 CheckKeySecurity(L"\\REGISTRY\\MACHINE",
269 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
270 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
271 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
272 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
273
274 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\HARDWARE",
275 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
276 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
277 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
278 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
279
280 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SAM",
281 8, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
282 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
283 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
284 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
285 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
286 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
287 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
288 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
289 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
290 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
291 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
292 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
293
294 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SECURITY",
295 2, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
296 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, WRITE_DAC | READ_CONTROL);
297
298 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SOFTWARE",
299 8, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
300 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
301 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
302 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
303 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
304 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
305 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
306 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
307 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
308 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
309 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
310 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
311
312 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SYSTEM",
313 8, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
314 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
315 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
316 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
317 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
318 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
319 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
320 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
321 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
322 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
323 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
324 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
325
326 CheckKeySecurity(L"\\REGISTRY\\USER",
327 4, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
328 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
329 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
330 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
331
332 CheckKeySecurity(L"\\REGISTRY\\USER\\.DEFAULT",
333 8, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
334 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
335 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
336 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
337 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
338 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
339 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
340 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
341 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
342 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
343 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
344 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
345
346 CheckKeySecurity(L"\\REGISTRY\\USER\\S-1-5-18",
347 8, ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasUsersSid, KEY_READ,
348 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
349 CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, GENERIC_READ,
350 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
351 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
352 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, GENERIC_ALL,
353 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
354 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
355 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, GENERIC_ALL,
356 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
357 ACCESS_ALLOWED_ACE_TYPE, INHERIT_ONLY_ACE |
358 CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, GENERIC_ALL);
359
360 CheckKeySecurity(L"\\REGISTRY\\USER\\S-1-5-20",
361 4, ACCESS_ALLOWED_ACE_TYPE, OBJECT_INHERIT_ACE |
362 CONTAINER_INHERIT_ACE, SeExports->SeNetworkServiceSid, KEY_ALL_ACCESS,
363 ACCESS_ALLOWED_ACE_TYPE, OBJECT_INHERIT_ACE |
364 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
365 ACCESS_ALLOWED_ACE_TYPE, OBJECT_INHERIT_ACE |
366 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
367 ACCESS_ALLOWED_ACE_TYPE, OBJECT_INHERIT_ACE |
368 CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ);
369}
370
371static void CmSecurity_Win8(PSID TerminalServerSid)
372{
373 CheckKeySecurity(L"\\REGISTRY",
374 5, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
375 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
376 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
377 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ,
378 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAllAppPackagesSid, KEY_READ);
379
380 CheckKeySecurity(L"\\REGISTRY\\MACHINE",
381 5, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
382 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
383 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
384 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ,
385 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAllAppPackagesSid, KEY_READ);
386
387 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\HARDWARE",
388 5, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
389 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
390 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
391 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ,
392 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAllAppPackagesSid, KEY_READ);
393
394 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SAM",
395 5, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, KEY_READ,
396 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
397 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
398 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, KEY_ALL_ACCESS,
399 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAllAppPackagesSid, KEY_READ);
400
401 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SECURITY",
402 2, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
403 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, WRITE_DAC | READ_CONTROL);
404
405 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SOFTWARE",
406 5, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, KEY_READ,
407 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
408 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
409 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, KEY_ALL_ACCESS,
410 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAllAppPackagesSid, KEY_READ);
411
412 CheckKeySecurity(L"\\REGISTRY\\MACHINE\\SYSTEM",
413 5, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, KEY_READ,
414 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
415 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
416 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, KEY_ALL_ACCESS,
417 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAllAppPackagesSid, KEY_READ);
418
419 CheckKeySecurity(L"\\REGISTRY\\USER",
420 5, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
421 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
422 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeWorldSid, KEY_READ,
423 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ,
424 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAllAppPackagesSid, KEY_READ);
425
426 CheckKeySecurity(L"\\REGISTRY\\USER\\.DEFAULT",
427 5, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, KEY_READ,
428 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
429 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
430 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, KEY_ALL_ACCESS,
431 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAllAppPackagesSid, KEY_READ);
432
433 CheckKeySecurity(L"\\REGISTRY\\USER\\S-1-5-18",
434 5, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasUsersSid, KEY_READ,
435 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
436 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
437 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeCreatorOwnerSid, KEY_ALL_ACCESS,
438 ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE, SeExports->SeAllAppPackagesSid, KEY_READ);
439
440 CheckKeySecurity(L"\\REGISTRY\\USER\\S-1-5-20",
441 5, ACCESS_ALLOWED_ACE_TYPE, OBJECT_INHERIT_ACE |
442 CONTAINER_INHERIT_ACE, SeExports->SeNetworkServiceSid, KEY_ALL_ACCESS,
443 ACCESS_ALLOWED_ACE_TYPE, OBJECT_INHERIT_ACE |
444 CONTAINER_INHERIT_ACE, SeExports->SeLocalSystemSid, KEY_ALL_ACCESS,
445 ACCESS_ALLOWED_ACE_TYPE, OBJECT_INHERIT_ACE |
446 CONTAINER_INHERIT_ACE, SeExports->SeAliasAdminsSid, KEY_ALL_ACCESS,
447 ACCESS_ALLOWED_ACE_TYPE, OBJECT_INHERIT_ACE |
448 CONTAINER_INHERIT_ACE, SeExports->SeRestrictedSid, KEY_READ,
449 ACCESS_ALLOWED_ACE_TYPE, 0, SeExports->SeAllAppPackagesSid, KEY_READ);
450}
451
452START_TEST(CmSecurity)
453{
454 SID_IDENTIFIER_AUTHORITY NtSidAuthority = {SECURITY_NT_AUTHORITY};
455 PSID TerminalServerSid;
456
457 TerminalServerSid = ExAllocatePoolWithTag(PagedPool,
458 RtlLengthRequiredSid(1),
459 'iSmK');
460 if (TerminalServerSid != NULL)
461 {
462 RtlInitializeSid(TerminalServerSid, &NtSidAuthority, 1);
463 *RtlSubAuthoritySid(TerminalServerSid, 0) = SECURITY_TERMINAL_SERVER_RID;
464 }
465
466 switch (GetNTVersion())
467 {
468 case _WIN32_WINNT_WS03:
469 CmSecurity_WS03(TerminalServerSid);
470 break;
471 case _WIN32_WINNT_VISTA:
472 case _WIN32_WINNT_WIN7:
473 CmSecurity_Vista(TerminalServerSid);
474 break;
475 case _WIN32_WINNT_WIN8:
476 case _WIN32_WINNT_WINBLUE:
477 case _WIN32_WINNT_WIN10:
478 CmSecurity_Win8(TerminalServerSid);
479 break;
480 default:
481 if (GetNTVersion() < _WIN32_WINNT_WS03)
482 {
483 trace("Unknown NT version (0x%X < 0x%X), running WS03 tests...\n", GetNTVersion(), _WIN32_WINNT_WS03);
484 CmSecurity_WS03(TerminalServerSid);
485 }
486 else
487 {
488 trace("Unknown NT version (0x%X > 0x%X), running latest tests...\n", GetNTVersion(), _WIN32_WINNT_WIN10);
489 CmSecurity_Win8(TerminalServerSid);
490 }
491 break;
492 }
493
494 if (TerminalServerSid != NULL)
495 {
496 ExFreePoolWithTag(TerminalServerSid, 'iSmK');
497 }
498}
CmSecurity_WS03
static void CmSecurity_WS03(PSID TerminalServerSid)
Definition: CmSecurity.c:134
CmSecurity_Vista
static void CmSecurity_Vista(PSID TerminalServerSid)
Definition: CmSecurity.c:260
CheckKeySecurity__
static VOID CheckKeySecurity__(_In_ PCWSTR KeyName, _In_ ULONG AceCount, _In_ PCSTR FileAndLine,...)
Definition: CmSecurity.c:15
CheckKeySecurity
#define CheckKeySecurity(name, AceCount,...)
Definition: CmSecurity.c:11
CmSecurity_Win8
static void CmSecurity_Win8(PSID TerminalServerSid)
Definition: CmSecurity.c:371
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
va_list
char * va_list
Definition: acmsvcex.h:78
va_end
#define va_end(ap)
Definition: acmsvcex.h:90
va_start
#define va_start(ap, A)
Definition: acmsvcex.h:91
ok_eq_hex
#define ok_eq_hex(value, expected)
Definition: apitest.h:134
GetNTVersion
#define GetNTVersion()
Definition: apitest.h:17
trace
#define trace
Definition: atltest.h:70
ok
#define ok(value,...)
Definition: atltest.h:57
skip
#define skip(...)
Definition: atltest.h:64
START_TEST
#define START_TEST(x)
Definition: atltest.h:75
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
Group
@ Group
Definition: help.c:22
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
GENERIC_READ
#define GENERIC_READ
Definition: compat.h:135
L
#define L(x)
Definition: resources.c:13
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
PagedPool
#define PagedPool
Definition: env_spec_w32.h:308
Status
Status
Definition: gdiplustypes.h:25
OBJ_KERNEL_HANDLE
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
kmt_test.h
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
VCheckAcl__
VOID VCheckAcl__(_In_ PACL Acl, _In_ ULONG AceCount, _In_ PCSTR FileAndLine, _In_ va_list Arguments)
Definition: SeHelpers.c:128
NO_SIZE
#define NO_SIZE
Definition: se.h:29
CheckSid
#define CheckSid(Sid, SidSize, ExpectedSid)
Definition: se.h:31
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
KeyHandle
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
KernelMode
#define KernelMode
Definition: asm.h:38
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1625
RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
Owner
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
Definition: rtlfuncs.h:1629
RtlGetSaclSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetSaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN SaclPresent, _Out_ PACL *Sacl, _Out_ PBOOLEAN SaclDefaulted)
Sacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL Sacl
Definition: rtlfuncs.h:1627
RtlGetDaclSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetDaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN DaclPresent, _Out_ PACL *Dacl, _Out_ PBOOLEAN DaclDefaulted)
_In_
#define _In_
Definition: no_sal2.h:158
WRITE_DAC
#define WRITE_DAC
Definition: nt_native.h:59
ACCESS_SYSTEM_SECURITY
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1044
KEY_READ
#define KEY_READ
Definition: nt_native.h:1026
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
DELETE
#define DELETE
Definition: nt_native.h:57
KEY_WRITE
#define KEY_WRITE
Definition: nt_native.h:1034
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
RtlGetGroupSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetGroupSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Group, OUT PBOOLEAN GroupDefaulted)
Definition: sd.c:280
RtlGetOwnerSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetOwnerSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Owner, OUT PBOOLEAN OwnerDefaulted)
Definition: sd.c:257
RtlInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
ObCloseHandle
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
Definition: obhandle.c:3379
NtSidAuthority
static SID_IDENTIFIER_AUTHORITY NtSidAuthority
Definition: samrpc.c:14
_WIN32_WINNT_WIN10
#define _WIN32_WINNT_WIN10
Definition: sdkddkver.h:32
_WIN32_WINNT_WS03
#define _WIN32_WINNT_WS03
Definition: sdkddkver.h:23
_WIN32_WINNT_WINBLUE
#define _WIN32_WINNT_WINBLUE
Definition: sdkddkver.h:30
_WIN32_WINNT_WIN8
#define _WIN32_WINNT_WIN8
Definition: sdkddkver.h:29
_WIN32_WINNT_WIN7
#define _WIN32_WINNT_WIN7
Definition: sdkddkver.h:28
_WIN32_WINNT_VISTA
#define _WIN32_WINNT_VISTA
Definition: sdkddkver.h:25
SeExports
PSE_EXPORTS SeExports
Definition: semgr.c:21
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_ACL
Definition: ms-dtyp.idl:293
_OBJECT_ATTRIBUTES
Definition: umtypes.h:184
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SE_EXPORTS::SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: setypes.h:1242
_SE_EXPORTS::SeAllAppPackagesSid
PSID SeAllAppPackagesSid
Definition: setypes.h:1274
_SE_EXPORTS::SeAliasUsersSid
PSID SeAliasUsersSid
Definition: setypes.h:1243
_SE_EXPORTS::SeCreatorOwnerSid
PSID SeCreatorOwnerSid
Definition: setypes.h:1234
_SE_EXPORTS::SeRestrictedSid
PSID SeRestrictedSid
Definition: setypes.h:1251
_SE_EXPORTS::SeNetworkServiceSid
PSID SeNetworkServiceSid
Definition: setypes.h:1257
_SE_EXPORTS::SeWorldSid
PSID SeWorldSid
Definition: setypes.h:1232
_SE_EXPORTS::SeAliasPowerUsersSid
PSID SeAliasPowerUsersSid
Definition: setypes.h:1245
_SE_EXPORTS::SeLocalSystemSid
PSID SeLocalSystemSid
Definition: setypes.h:1241
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
_SID
Definition: ms-dtyp.idl:198
_UNICODE_STRING
Definition: env_spec_w32.h:368
PCWSTR
const uint16_t * PCWSTR
Definition: typedefs.h:57
PCSTR
const char * PCSTR
Definition: typedefs.h:52
ULONG
uint32_t ULONG
Definition: typedefs.h:59
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2705
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
ACCESS_ALLOWED_ACE_TYPE
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:717
OWNER_SECURITY_INFORMATION
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
SECURITY_TERMINAL_SERVER_RID
#define SECURITY_TERMINAL_SERVER_RID
Definition: setypes.h:570
GROUP_SECURITY_INFORMATION
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
SACL_SECURITY_INFORMATION
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126