ReactOS 0.4.15-dev-7928-g68a8619
sid.c File Reference
#include <rtl.h>
#include <debug.h>
Include dependency graph for sid.c:

Go to the source code of this file.

Macros

#define NDEBUG
 
#define TAG_SID   'diSp'
 

Functions

BOOLEAN NTAPI RtlValidSid (IN PSID Sid_)
 
ULONG NTAPI RtlLengthRequiredSid (IN ULONG SubAuthorityCount)
 
NTSTATUS NTAPI RtlInitializeSid (IN PSID Sid_, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
 
PULONG NTAPI RtlSubAuthoritySid (IN PSID Sid_, IN ULONG SubAuthority)
 
PUCHAR NTAPI RtlSubAuthorityCountSid (IN PSID Sid_)
 
PSID_IDENTIFIER_AUTHORITY NTAPI RtlIdentifierAuthoritySid (IN PSID Sid_)
 
BOOLEAN NTAPI RtlEqualSid (IN PSID Sid1_, IN PSID Sid2_)
 
ULONG NTAPI RtlLengthSid (IN PSID Sid_)
 
NTSTATUS NTAPI RtlCopySid (IN ULONG BufferLength, IN PSID Dest, IN PSID Src)
 
PVOID NTAPI RtlFreeSid (IN PSID Sid)
 
BOOLEAN NTAPI RtlEqualPrefixSid (IN PSID Sid1_, IN PSID Sid2_)
 
NTSTATUS NTAPI RtlCopySidAndAttributesArray (IN ULONG Count, IN PSID_AND_ATTRIBUTES Src, IN ULONG SidAreaSize, IN PSID_AND_ATTRIBUTES Dest, IN PSID SidArea, OUT PSID *RemainingSidArea, OUT PULONG RemainingSidAreaSize)
 
NTSTATUS NTAPI RtlAllocateAndInitializeSid (IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
 
NTSTATUS NTAPI RtlConvertSidToUnicodeString (IN PUNICODE_STRING String, IN PSID Sid_, IN BOOLEAN AllocateBuffer)
 
NTSTATUS NTAPI RtlCreateServiceSid (_In_ PUNICODE_STRING ServiceName, _Out_writes_bytes_opt_(*ServiceSidLength) PSID ServiceSid, _Inout_ PULONG ServiceSidLength)
 

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 12 of file sid.c.

◆ TAG_SID

#define TAG_SID   'diSp'

Definition at line 15 of file sid.c.

Function Documentation

◆ RtlAllocateAndInitializeSid()

NTSTATUS NTAPI RtlAllocateAndInitializeSid ( IN PSID_IDENTIFIER_AUTHORITY  IdentifierAuthority,
IN UCHAR  SubAuthorityCount,
IN ULONG  SubAuthority0,
IN ULONG  SubAuthority1,
IN ULONG  SubAuthority2,
IN ULONG  SubAuthority3,
IN ULONG  SubAuthority4,
IN ULONG  SubAuthority5,
IN ULONG  SubAuthority6,
IN ULONG  SubAuthority7,
OUT PSID Sid 
)

Definition at line 290 of file sid.c.

301{
302 PISID pSid;
304
305 /* SIDs can only have up to 8 subauthorities */
307
308 /* Allocate memory to hold the SID */
310 if (!pSid) return STATUS_NO_MEMORY;
311
312 /* Fill out the header */
316
317 /* Iteraratively drop into each successive lower count */
318 switch (SubAuthorityCount)
319 {
320 /* And copy the needed subahority */
321 case 8: pSid->SubAuthority[7] = SubAuthority7;
322 case 7: pSid->SubAuthority[6] = SubAuthority6;
323 case 6: pSid->SubAuthority[5] = SubAuthority5;
324 case 5: pSid->SubAuthority[4] = SubAuthority4;
325 case 4: pSid->SubAuthority[3] = SubAuthority3;
326 case 3: pSid->SubAuthority[2] = SubAuthority2;
327 case 2: pSid->SubAuthority[1] = SubAuthority1;
328 case 1: pSid->SubAuthority[0] = SubAuthority0;
329 default: break;
330 }
331
332 /* Return the allocated SID */
333 *Sid = pSid;
334 return STATUS_SUCCESS;
335}
static PSID pSid
Definition: security.c:74
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
_In_ PSID_IDENTIFIER_AUTHORITY _In_ UCHAR SubAuthorityCount
Definition: rtlfuncs.h:1515
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1133
_In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: rtlfuncs.h:1513
#define STATUS_INVALID_SID
Definition: ntstatus.h:356
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
PVOID NTAPI RtlpAllocateMemory(_In_ ULONG Bytes, _In_ ULONG Tag)
Definition: rtlcompat.c:34
#define PAGED_CODE_RTL()
Definition: rtlp.h:16
#define STATUS_SUCCESS
Definition: shellext.h:65
BYTE Revision
Definition: ms-dtyp.idl:199
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: ms-dtyp.idl:201
#define TAG_SID
Definition: tag.h:152
#define SID_REVISION
Definition: setypes.h:481

Referenced by AccessCheckEmptyMappingTest(), AccessGrantedMultipleObjectsTests(), AccessGrantedNoDaclTests(), AccessGrantedTests(), AllocateAndInitializeSid(), AppendRidToSid(), BuildTokenGroups(), CreateBaseAcls(), CreateNewDefaultDacl(), CreateNlsDirectorySecurity(), CreateNlsSecurityDescriptor(), CSR_API(), CsrCreateLocalSystemSD(), CsrpConnectToServer(), DenyAccessTests(), DllMain(), GetDosDevicesProtection(), GrantedAccessTests(), K32CreateDBMonMutex(), LogonUserExW(), LsapAppendRidToSid(), LsapCreateAccountSd(), LsapCreatePolicySd(), LsapCreateRandomDomainSid(), LsapCreateSecretSd(), LsapCreateTokenSd(), LsapGetDomainInfo(), MyLogonUser(), QueryTokenPrivilegesAndGroupsTests(), QueryTokenRestrictedSidsTest(), RtlpSysVolCheckOwnerAndSecurity(), RtlpSysVolCreateSecurityDescriptor(), RtlpSysVolTakeOwnership(), SampCreateAccountDomainSD(), SampCreateAliasSD(), SampCreateBuiltinDomainSD(), SampCreateGroupSD(), SampCreateServerSD(), SampCreateUserSD(), and SmpCreateSecurityDescriptors().

◆ RtlConvertSidToUnicodeString()

NTSTATUS NTAPI RtlConvertSidToUnicodeString ( IN PUNICODE_STRING  String,
IN PSID  Sid_,
IN BOOLEAN  AllocateBuffer 
)

Definition at line 342 of file sid.c.

345{
346 WCHAR Buffer[256];
347 PWSTR wcs;
349 ULONG i;
350 PISID Sid = Sid_;
352
353 if (!RtlValidSid(Sid)) return STATUS_INVALID_SID;
354
355 wcs = Buffer;
356 wcs += swprintf(wcs, L"S-1-");
357
358 if ((Sid->IdentifierAuthority.Value[0] == 0) &&
359 (Sid->IdentifierAuthority.Value[1] == 0))
360 {
361 wcs += swprintf(wcs,
362 L"%lu",
367 }
368 else
369 {
370 wcs += swprintf(wcs,
371 L"0x%02hx%02hx%02hx%02hx%02hx%02hx",
378 }
379
380 for (i = 0; i < Sid->SubAuthorityCount; i++)
381 {
382 wcs += swprintf(wcs, L"-%u", Sid->SubAuthority[i]);
383 }
384
385 if (AllocateBuffer)
386 {
388 }
389 else
390 {
391 Length = (wcs - Buffer) * sizeof(WCHAR);
392
393 if (Length > String->MaximumLength) return STATUS_BUFFER_TOO_SMALL;
394
395 String->Length = (USHORT)Length;
397
398 if (Length < String->MaximumLength)
399 {
400 String->Buffer[Length / sizeof(WCHAR)] = UNICODE_NULL;
401 }
402 }
403
404 return STATUS_SUCCESS;
405}
Definition: bufpool.h:45
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define swprintf
Definition: precomp.h:40
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
#define UNICODE_NULL
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
#define L(x)
Definition: ntvdm.h:50
unsigned short USHORT
Definition: pedump.c:61
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
uint16_t * PWSTR
Definition: typedefs.h:56
ULONG_PTR SIZE_T
Definition: typedefs.h:80
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
uint32_t ULONG
Definition: typedefs.h:59
wchar_t wcs[5]
_Must_inspect_result_ _In_ WDFDEVICE _In_ WDFSTRING String
Definition: wdfdevice.h:2433
_In_ WDFDMATRANSACTION _In_ size_t MaximumLength
__wchar_t WCHAR
Definition: xmlstorage.h:180

◆ RtlCopySid()

NTSTATUS NTAPI RtlCopySid ( IN ULONG  BufferLength,
IN PSID  Dest,
IN PSID  Src 
)

Definition at line 165 of file sid.c.

168{
169 ULONG SidLength;
171
172 /* Make sure the buffer is large enough*/
173 SidLength = RtlLengthSid(Src);
174 if (SidLength > BufferLength) return STATUS_BUFFER_TOO_SMALL;
175
176 /* And then copy the SID */
177 RtlMoveMemory(Dest, Src, SidLength);
178 return STATUS_SUCCESS;
179}
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771

◆ RtlCopySidAndAttributesArray()

NTSTATUS NTAPI RtlCopySidAndAttributesArray ( IN ULONG  Count,
IN PSID_AND_ATTRIBUTES  Src,
IN ULONG  SidAreaSize,
IN PSID_AND_ATTRIBUTES  Dest,
IN PSID  SidArea,
OUT PSID RemainingSidArea,
OUT PULONG  RemainingSidAreaSize 
)

Definition at line 249 of file sid.c.

256{
257 ULONG SidLength, i;
259
260 /* Loop all the attributes */
261 for (i = 0; i < Count; i++)
262 {
263 /* Make sure this SID can fit in the buffer */
264 SidLength = RtlLengthSid(Src[i].Sid);
265 if (SidLength > SidAreaSize) return STATUS_BUFFER_TOO_SMALL;
266
267 /* Consume remaining buffer space for this SID */
268 SidAreaSize -= SidLength;
269
270 /* Copy the SID and attributes */
271 Dest[i].Sid = SidArea;
272 Dest[i].Attributes = Src[i].Attributes;
273 RtlCopySid(SidLength, SidArea, Src[i].Sid);
274
275 /* Push the buffer area where the SID will reset */
276 SidArea = (PSID)((ULONG_PTR)SidArea + SidLength);
277 }
278
279 /* Return how much space is left, and where the buffer is at now */
280 *RemainingSidArea = SidArea;
281 *RemainingSidAreaSize = SidAreaSize;
282 return STATUS_SUCCESS;
283}
NTSYSAPI BOOLEAN WINAPI RtlCopySid(DWORD, PSID, PSID)
struct _SID * PSID
Definition: eventlog.c:35
int Count
Definition: noreturn.cpp:7
uint32_t ULONG_PTR
Definition: typedefs.h:65

◆ RtlCreateServiceSid()

NTSTATUS NTAPI RtlCreateServiceSid ( _In_ PUNICODE_STRING  ServiceName,
_Out_writes_bytes_opt_ *ServiceSidLength PSID  ServiceSid,
_Inout_ PULONG  ServiceSidLength 
)

Definition at line 412 of file sid.c.

416{
419}
#define UNIMPLEMENTED
Definition: debug.h:115
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:239

◆ RtlEqualPrefixSid()

BOOLEAN NTAPI RtlEqualPrefixSid ( IN PSID  Sid1_,
IN PSID  Sid2_ 
)

Definition at line 200 of file sid.c.

202{
203 PISID Sid1 = Sid1_, Sid2 = Sid2_;
204 ULONG i;
206
207 /* Revisions have to match */
208 if (Sid1->Revision != Sid2->Revision) return FALSE;
209
210 /* The identifier authorities have to match */
217 {
218 /* The subauthority counts have to match */
220 {
221 /* If there aren't any in SID1, means none in SID2 either, so equal */
222 if (!Sid1->SubAuthorityCount) return TRUE;
223
224 /* Now compare all the subauthority values BUT the last one */
225 for (i = 0; (i + 1) < Sid1->SubAuthorityCount; i++)
226 {
227 /* Does any mismatch? */
228 if (Sid1->SubAuthority[i] != Sid2->SubAuthority[i])
229 {
230 /* Prefix doesn't match, fail */
231 return FALSE;
232 }
233 }
234
235 /* Everything that should matches, does, return success */
236 return TRUE;
237 }
238 }
239
240 /* Identifiers don't match, fail */
241 return FALSE;
242}
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
_In_ PSID Sid2
Definition: rtlfuncs.h:1755

◆ RtlEqualSid()

BOOLEAN NTAPI RtlEqualSid ( IN PSID  Sid1_,
IN PSID  Sid2_ 
)

Definition at line 132 of file sid.c.

134{
135 PISID Sid1 = Sid1_, Sid2 = Sid2_;
137
138 /* Quick compare of the revision and the count */
139 if (*(PUSHORT)&Sid1->Revision != *(PUSHORT)&Sid2->Revision) return FALSE;
140
141 /* Get the length and compare it the long way */
142 return RtlEqualMemory(Sid1, Sid2, RtlLengthSid(Sid1));
143}
#define RtlEqualMemory(a, b, c)
Definition: kdvm.h:18
uint16_t * PUSHORT
Definition: typedefs.h:56

◆ RtlFreeSid()

PVOID NTAPI RtlFreeSid ( IN PSID  Sid)

Definition at line 186 of file sid.c.

187{
189
190 /* Free the SID and always return NULL */
192 return NULL;
193}
#define NULL
Definition: types.h:112
VOID NTAPI RtlpFreeMemory(_In_ PVOID Mem, _In_ ULONG Tag)
Definition: rtlcompat.c:45

◆ RtlIdentifierAuthoritySid()

PSID_IDENTIFIER_AUTHORITY NTAPI RtlIdentifierAuthoritySid ( IN PSID  Sid_)

Definition at line 118 of file sid.c.

119{
120 PISID Sid = Sid_;
122
123 /* Return the offset to the identifier authority */
124 return &Sid->IdentifierAuthority;
125}

◆ RtlInitializeSid()

NTSTATUS NTAPI RtlInitializeSid ( IN PSID  Sid_,
IN PSID_IDENTIFIER_AUTHORITY  IdentifierAuthority,
IN UCHAR  SubAuthorityCount 
)

Definition at line 68 of file sid.c.

71{
72 PISID Sid = Sid_;
74
75 /* Fill out the header */
79
80 /* All good */
81 return STATUS_SUCCESS;
82}

◆ RtlLengthRequiredSid()

◆ RtlLengthSid()

ULONG NTAPI RtlLengthSid ( IN PSID  Sid_)

Definition at line 150 of file sid.c.

151{
152 PISID Sid = Sid_;
154
155 /* The offset to the last index + 1 (since it's a count) is the length */
156 return (ULONG)FIELD_OFFSET(SID,
157 SubAuthority[Sid->SubAuthorityCount]);
158}

Referenced by _IRQL_requires_max_(), AccessCheckEmptyMappingTest(), AccessGrantedMultipleObjectsTests(), AccessGrantedTests(), BuildUserInfoBuffer(), CheckSid__(), CheckTokenMembership(), CmpQuerySecurityDescriptor(), CopySystemProfile(), CreateBaseAcls(), CreateNewDefaultDacl(), CsrCreateLocalSystemSD(), CsrSetProcessSecurity(), DenyAccessTests(), DsEnumerateDomainTrustsA(), GetAccountDomainSid(), GetDosDevicesProtection(), GetLengthSid(), GetSiteSidFromToken(), GetUserSid(), GetUserSidStringFromToken(), GrantedAccessTests(), IntCreateServiceSecurity(), K32CreateDBMonMutex(), LsapAddAuthorityToDomainsList(), LsapAddDefaultGroups(), LsapAddDomainToDomainsList(), LsapAddTokenDefaultDacl(), LsapCopyLocalGroups(), LsapCreateAccountSd(), LsapCreateDatabaseObjects(), LsapCreatePolicySd(), LsapCreateSecretSd(), LsapCreateTokenSd(), LsapGetLogonSessionData(), LsapSetLogonSessionData(), LsapSetTokenOwner(), LsarSetAccountDomain(), LsarSetPrimaryDomain(), MiCreateMemoryEvent(), NetLocalGroupGetMembers(), NetUserModalsGet(), NtCreatePagingFile(), NtQueryInformationToken(), NtSetInformationToken(), ObpCreateKernelObjectsSD(), ObpGetDosDevicesProtection(), RtlCopySid(), RtlCopySidAndAttributesArray(), RtlDefaultNpAcl(), RtlEqualSid(), RtlLengthSecurityDescriptor(), RtlLengthSidAndAttributes(), RtlpAddKnownAce(), RtlpAddKnownObjectAce(), RtlpQuerySecurityDescriptor(), RtlpSetSecurityObject(), RtlpSysVolCreateSecurityDescriptor(), RtlSelfRelativeToAbsoluteSD(), RtlValidAcl(), RtlValidRelativeSecurityDescriptor(), RtlxAddAuditAccessAceEx(), RtlxAddMandatoryLabelAceEx(), SampAddMemberToAlias(), SampCreateAccountDomainSD(), SampCreateAliasSD(), SampCreateBuiltinDomainSD(), SampCreateGroupSD(), SampCreateServerSD(), SampCreateUserSD(), SampSetupAddMemberToAlias(), SampSetupCreateDomain(), ScmCreateAcls(), SeCaptureSidAndAttributesArray(), SepComputeAvailableDynamicSpace(), SepCreateImpersonationTokenDacl(), SepCreateToken(), SepDuplicateToken(), SepInitDACLs(), SepInitializationPhase1(), SepPerformTokenFiltering(), SepPropagateAcl(), SepRebuildDynamicPartOfToken(), SeQueryInformationToken(), SeSetWorldSecurityDescriptor(), SmpCreateSecurityDescriptors(), TestSeAssignSecurity(), TiCreateSecurityDescriptor(), and uid_to_sid().

◆ RtlSubAuthorityCountSid()

PUCHAR NTAPI RtlSubAuthorityCountSid ( IN PSID  Sid_)

◆ RtlSubAuthoritySid()

PULONG NTAPI RtlSubAuthoritySid ( IN PSID  Sid_,
IN ULONG  SubAuthority 
)

Definition at line 89 of file sid.c.

91{
92 PISID Sid = Sid_;
94
95 /* Return the offset */
96 return (PULONG)&Sid->SubAuthority[SubAuthority];
97}
uint32_t * PULONG
Definition: typedefs.h:59

◆ RtlValidSid()

BOOLEAN NTAPI RtlValidSid ( IN PSID  Sid_)

Definition at line 21 of file sid.c.

22{
23 PISID Sid = Sid_;
25
26 /* Use SEH in case any pointer is invalid */
28 {
29 /* Validate the revision and subauthority count */
30 if ((Sid) &&
31 (((Sid->Revision & 0xF) != SID_REVISION) ||
33 {
34 /* It's not, fail */
35 _SEH2_YIELD(return FALSE);
36 }
37 }
39 {
40 /* Access violation, SID is not valid */
41 _SEH2_YIELD(return FALSE);
42 }
44
45 /* All good */
46 return TRUE;
47}
#define _SEH2_END
Definition: filesup.c:22
#define _SEH2_TRY
Definition: filesup.c:19
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:34
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:162
#define SID_MAX_SUB_AUTHORITIES
Definition: setypes.h:482

Referenced by CheckSid__(), CmpHiveRootSecurityDescriptor(), ConvertSidToStringSidW(), IsValidSid(), LsarAddAccountRights(), LsarCreateAccount(), LsarOpenAccount(), LsarRemoveAccountRights(), pSetSecurityInfoCheck(), RtlConvertSidToUnicodeString(), RtlpAddKnownAce(), RtlpAddKnownObjectAce(), RtlpSetSecurityObject(), RtlValidRelativeSecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), SeCaptureSidAndAttributesArray(), SeReportSecurityEvent(), and TestsSeQueryInformationToken().