seurtl.c File Reference

#include <ntos.h>
#include <nturtl.h>
#include <ntlsa.h>
#include "seopaque.h"
#include "sertlp.h"
#include "ldrp.h"

Go to the source code of this file.

Functions
NTSTATUS	RtlNewSecurityObjectEx (IN PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL, IN PSECURITY_DESCRIPTOR CreatorDescriptor OPTIONAL, OUT PSECURITY_DESCRIPTOR *NewDescriptor, IN GUID *ObjectType OPTIONAL, IN BOOLEAN IsDirectoryObject, IN ULONG AutoInheritFlags, IN HANDLE Token OPTIONAL, IN PGENERIC_MAPPING GenericMapping)
NTSTATUS	RtlNewSecurityObject (IN PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL, IN PSECURITY_DESCRIPTOR CreatorDescriptor OPTIONAL, OUT PSECURITY_DESCRIPTOR *NewDescriptor, IN BOOLEAN IsDirectoryObject, IN HANDLE Token, IN PGENERIC_MAPPING GenericMapping)
NTSTATUS	RtlSetSecurityObject (IN SECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR ModificationDescriptor, IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, IN PGENERIC_MAPPING GenericMapping, IN HANDLE Token OPTIONAL)
NTSTATUS	RtlSetSecurityObjectEx (IN SECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR ModificationDescriptor, IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, IN ULONG AutoInheritFlags, IN PGENERIC_MAPPING GenericMapping, IN HANDLE Token OPTIONAL)
NTSTATUS	RtlQuerySecurityObject (IN PSECURITY_DESCRIPTOR ObjectDescriptor, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR ResultantDescriptor, IN ULONG DescriptorLength, OUT PULONG ReturnLength)
NTSTATUS	RtlDeleteSecurityObject (IN OUT PSECURITY_DESCRIPTOR *ObjectDescriptor)
NTSTATUS	RtlNewInstanceSecurityObject (IN BOOLEAN ParentDescriptorChanged, IN BOOLEAN CreatorDescriptorChanged, IN PLUID OldClientTokenModifiedId, OUT PLUID NewClientTokenModifiedId, IN PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL, IN PSECURITY_DESCRIPTOR CreatorDescriptor OPTIONAL, OUT PSECURITY_DESCRIPTOR *NewDescriptor, IN BOOLEAN IsDirectoryObject, IN HANDLE Token, IN PGENERIC_MAPPING GenericMapping)
NTSTATUS	RtlNewSecurityGrantedAccess (IN ACCESS_MASK DesiredAccess, OUT PPRIVILEGE_SET Privileges, IN OUT PULONG Length, IN HANDLE Token OPTIONAL, IN PGENERIC_MAPPING GenericMapping, OUT PACCESS_MASK RemainingDesiredAccess)
NTSTATUS	RtlCopySecurityDescriptor (IN PSECURITY_DESCRIPTOR InputSecurityDescriptor, OUT PSECURITY_DESCRIPTOR *OutputSecurityDescriptor)
NTSTATUS	RtlpInitializeAllowedAce (IN PACCESS_ALLOWED_ACE AllowedAce, IN USHORT AceSize, IN UCHAR InheritFlags, IN UCHAR AceFlags, IN ACCESS_MASK Mask, IN PSID AllowedSid)
NTSTATUS	RtlpInitializeDeniedAce (IN PACCESS_DENIED_ACE DeniedAce, IN USHORT AceSize, IN UCHAR InheritFlags, IN UCHAR AceFlags, IN ACCESS_MASK Mask, IN PSID DeniedSid)
NTSTATUS	RtlpInitializeAuditAce (IN PACCESS_ALLOWED_ACE AuditAce, IN USHORT AceSize, IN UCHAR InheritFlags, IN UCHAR AceFlags, IN ACCESS_MASK Mask, IN PSID AuditSid)
NTSTATUS	RtlCreateAndSetSD (IN PRTL_ACE_DATA AceData, IN ULONG AceCount, IN PSID OwnerSid OPTIONAL, IN PSID GroupSid OPTIONAL, OUT PSECURITY_DESCRIPTOR *NewDescriptor)
NTSTATUS	RtlCreateUserSecurityObject (IN PRTL_ACE_DATA AceData, IN ULONG AceCount, IN PSID OwnerSid, IN PSID GroupSid, IN BOOLEAN IsDirectoryObject, IN PGENERIC_MAPPING GenericMapping, OUT PSECURITY_DESCRIPTOR *NewDescriptor)
NTSTATUS	RtlConvertToAutoInheritSecurityObject (IN PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL, IN PSECURITY_DESCRIPTOR CurrentSecurityDescriptor, OUT PSECURITY_DESCRIPTOR *NewSecurityDescriptor, IN GUID *ObjectType OPTIONAL, IN BOOLEAN IsDirectoryObject, IN PGENERIC_MAPPING GenericMapping)
NTSTATUS	RtlDefaultNpAcl (OUT PACL *pAcl)

---

Function Documentation

NTSTATUS RtlConvertToAutoInheritSecurityObject (  IN PSECURITY_DESCRIPTOR ParentDescriptor  OPTIONAL, IN PSECURITY_DESCRIPTOR  CurrentSecurityDescriptor, OUT PSECURITY_DESCRIPTOR *  NewSecurityDescriptor, IN GUID *ObjectType  OPTIONAL, IN BOOLEAN  IsDirectoryObject, IN PGENERIC_MAPPING  GenericMapping )

Definition at line 1786 of file seurtl.c. References RtlpConvertToAutoInheritSecurityObject(). : This is a converts a security descriptor whose ACLs are not marked as AutoInherit to a security descriptor whose ACLs are marked as AutoInherit. See further detailed description on ConvertToAutoInheritPrivateObjectSecurity. Arguments: ParentDescriptor - Supplies the Security Descriptor for the parent directory under which a object exists. If there is no parent directory, then this argument is specified as NULL. CurrentSecurityDescriptor - Supplies a pointer to the objects security descriptor that is going to be altered by this procedure. NewSecurityDescriptor Points to a pointer that is to be made to point to the newly allocated self-relative security descriptor. When no longer needed, this descriptor must be freed using DestroyPrivateObjectSecurity(). ObjectType - GUID of the object type being created. If the object being created has no GUID associated with it, then this argument is specified as NULL. IsDirectoryObject - Specifies if the object is a directory object. A value of TRUE indicates the object is a container of other objects. GenericMapping - Supplies a pointer to a generic mapping array denoting the mapping between each generic right to specific rights. Return Value: STATUS_SUCCESS - The operation was successful. STATUS_UNKNOWN_REVISION - Indicates the source ACL is a revision that is unknown to this routine. (Only revision 2 ACLs are support by this routine.) STATUS_INVALID_ACL - The structure of one of the ACLs in invalid. --*/ { // // Simply call the corresponding Rtlp routine telling it which allocator // to use. // return RtlpConvertToAutoInheritSecurityObject( ParentDescriptor, CurrentSecurityDescriptor, NewSecurityDescriptor, ObjectType, IsDirectoryObject, GenericMapping ); }

NTSTATUS RtlCopySecurityDescriptor (  IN PSECURITY_DESCRIPTOR  InputSecurityDescriptor, OUT PSECURITY_DESCRIPTOR *  OutputSecurityDescriptor )

Definition at line 1021 of file seurtl.c. References Dacl, MAKE_TAG, NULL, Owner, RtlAllocateHeap, RtlpQuerySecurityDescriptor(), and SE_TAG. : This routine will copy a self-relative security descriptor from any memory into the correct type of memory required by security descriptor Rtl routines. This allows security descriptors to be kept in whatever kind of storage is most convenient for the current application. A security descriptor should be copied via this routine and the copy passed into any Rtl routine that in any way modify the security descriptor (eg RtlSetSecurityObject). The storage allocated by this routine must be freed by RtlDeleteSecurityObject. Arguments: InputSecurityDescriptor - contains the source security descriptor OutputSecurityDescriptor - returns a copy of the security descriptor in the correct kind of memory. Return Value: STATUS_NO_MEMORY - There was not enough memory available to the current process to complete this operation. --*/ { PACL Dacl; PACL Sacl; PSID Owner; PSID PrimaryGroup; ULONG DaclSize; ULONG OwnerSize; ULONG PrimaryGroupSize; ULONG SaclSize; ULONG TotalSize; PISECURITY_DESCRIPTOR ISecurityDescriptor = (PISECURITY_DESCRIPTOR)InputSecurityDescriptor; RtlpQuerySecurityDescriptor( ISecurityDescriptor, &Owner, &OwnerSize, &PrimaryGroup, &PrimaryGroupSize, &Dacl, &DaclSize, &Sacl, &SaclSize ); TotalSize = sizeof(SECURITY_DESCRIPTOR) + OwnerSize + PrimaryGroupSize + DaclSize + SaclSize; *OutputSecurityDescriptor = RtlAllocateHeap( RtlProcessHeap(), MAKE_TAG( SE_TAG ), TotalSize ); if ( *OutputSecurityDescriptor == NULL ) { return( STATUS_NO_MEMORY ); } RtlMoveMemory( *OutputSecurityDescriptor, ISecurityDescriptor, TotalSize ); return( STATUS_SUCCESS ); }

NTSTATUS RtlCreateAndSetSD (  IN PRTL_ACE_DATA  AceData, IN ULONG  AceCount, IN PSID OwnerSid  OPTIONAL, IN PSID GroupSid  OPTIONAL, OUT PSECURITY_DESCRIPTOR *  NewDescriptor )

Definition at line 1260 of file seurtl.c. References ASSERT, Dacl, FALSE, HeapHandle, MAKE_TAG, NT_SUCCESS, NTSTATUS(), NULL, RtlAddAce(), RtlAllocateHeap, RtlCreateAcl(), RtlCreateSecurityDescriptor(), RtlFreeHeap, RtlLengthSid(), RtlpInitializeAllowedAce(), RtlpInitializeAuditAce(), RtlpInitializeDeniedAce(), RtlSetDaclSecurityDescriptor(), RtlSetGroupSecurityDescriptor(), RtlSetOwnerSecurityDescriptor(), RtlSetSaclSecurityDescriptor(), SE_TAG, Size, TRUE, and USHORT. Referenced by RtlCreateUserSecurityObject(). : This function creates an absolute security descriptor containing the supplied ACE information. A sample usage of this function: // // Order matters! These ACEs are inserted into the DACL in the // following order. Security access is granted or denied based on // the order of the ACEs in the DACL. // RTL_ACE_DATA AceData[4] = { {ACCESS_ALLOWED_ACE_TYPE, 0, 0, GENERIC_ALL, &LocalAdminSid}, {ACCESS_DENIED_ACE_TYPE, 0, 0, GENERIC_ALL, &NetworkSid}, {ACCESS_ALLOWED_ACE_TYPE, 0, 0, WKSTA_CONFIG_GUEST_INFO_GET | WKSTA_CONFIG_USER_INFO_GET, &DomainUsersSid}, {ACCESS_ALLOWED_ACE_TYPE, 0, 0, WKSTA_CONFIG_GUEST_INFO_GET, &DomainGuestsSid} }; PSECURITY_DESCRIPTOR WkstaSecurityDescriptor; return RtlCreateAndSetSD( AceData, 4, LocalSystemSid, LocalSystemSid, &WkstaSecurityDescriptor ); Arguments: AceData - Supplies the structure of information that describes the DACL. AceCount - Supplies the number of entries in AceData structure. OwnerSid - Supplies the pointer to the SID of the security descriptor owner. If not specified, a security descriptor with no owner will be created. GroupSid - Supplies the pointer to the SID of the security descriptor primary group. If not specified, a security descriptor with no primary group will be created. NewDescriptor - Returns a pointer to the absolute security descriptor allocated using RtlAllocateHeap. Return Value: STATUS_SUCCESS - if successful STATUS_NO_MEMORY - if cannot allocate memory for DACL, ACEs, and security descriptor. Any other status codes returned from the security Rtl routines. NOTE : the user security object created by calling this function may be freed up by calling RtlDeleteSecurityObject(). --*/ { NTSTATUS ntstatus = STATUS_SUCCESS; ULONG i; // // Pointer to memory dynamically allocated by this routine to hold // the absolute security descriptor, the DACL, the SACL, and all the ACEs. // // +---------------------------------------------------------------+ // | Security Descriptor | // +-------------------------------+-------+---------------+-------+ // | DACL | ACE 1 | . . . | ACE n | // +-------------------------------+-------+---------------+-------+ // | SACL | ACE 1 | . . . | ACE n | // +-------------------------------+-------+---------------+-------+ // PSECURITY_DESCRIPTOR AbsoluteSd = NULL; PACL Dacl = NULL; // Pointer to the DACL portion of above buffer PACL Sacl = NULL; // Pointer to the SACL portion of above buffer ULONG DaclSize = sizeof(ACL); ULONG SaclSize = sizeof(ACL); ULONG MaxAceSize = 0; PVOID MaxAce = NULL; PCHAR CurrentAvailable; ULONG Size; PVOID HeapHandle = RtlProcessHeap(); ASSERT( AceCount > 0 ); // // Compute the total size of the DACL and SACL ACEs and the maximum // size of any ACE. // for (i = 0; i < AceCount; i++) { ULONG AceSize; AceSize = RtlLengthSid(*(AceData[i].Sid)); switch (AceData[i].AceType) { case ACCESS_ALLOWED_ACE_TYPE: AceSize += sizeof(ACCESS_ALLOWED_ACE); DaclSize += AceSize; break; case ACCESS_DENIED_ACE_TYPE: AceSize += sizeof(ACCESS_DENIED_ACE); DaclSize += AceSize; break; case SYSTEM_AUDIT_ACE_TYPE: AceSize += sizeof(SYSTEM_AUDIT_ACE); SaclSize += AceSize; break; default: return STATUS_INVALID_PARAMETER; } MaxAceSize = MaxAceSize > AceSize ? MaxAceSize : AceSize; } // // Allocate a chunk of memory large enough for the security descriptor, // the DACL, the SACL and all ACEs. // // A security descriptor is of opaque data type but // SECURITY_DESCRIPTOR_MIN_LENGTH is the right size. // Size = SECURITY_DESCRIPTOR_MIN_LENGTH; if ( DaclSize != sizeof(ACL) ) { Size += DaclSize; } if ( SaclSize != sizeof(ACL) ) { Size += SaclSize; } if ((AbsoluteSd = RtlAllocateHeap( HeapHandle, MAKE_TAG( SE_TAG ), Size )) == NULL) { ntstatus = STATUS_NO_MEMORY; goto Cleanup; } // // Initialize the Dacl and Sacl // CurrentAvailable = (PCHAR)AbsoluteSd + SECURITY_DESCRIPTOR_MIN_LENGTH; if ( DaclSize != sizeof(ACL) ) { Dacl = (PACL)CurrentAvailable; CurrentAvailable += DaclSize; ntstatus = RtlCreateAcl( Dacl, DaclSize, ACL_REVISION ); if ( !NT_SUCCESS(ntstatus) ) { goto Cleanup; } } if ( SaclSize != sizeof(ACL) ) { Sacl = (PACL)CurrentAvailable; CurrentAvailable += SaclSize; ntstatus = RtlCreateAcl( Sacl, SaclSize, ACL_REVISION ); if ( !NT_SUCCESS(ntstatus) ) { goto Cleanup; } } // // Allocate a temporary buffer big enough for the biggest ACE. // if ((MaxAce = RtlAllocateHeap( HeapHandle, MAKE_TAG( SE_TAG ), MaxAceSize )) == NULL ) { ntstatus = STATUS_NO_MEMORY; goto Cleanup; } // // Initialize each ACE, and append it into the end of the DACL or SACL. // for (i = 0; i < AceCount; i++) { ULONG AceSize; PACL CurrentAcl; AceSize = RtlLengthSid(*(AceData[i].Sid)); switch (AceData[i].AceType) { case ACCESS_ALLOWED_ACE_TYPE: AceSize += sizeof(ACCESS_ALLOWED_ACE); CurrentAcl = Dacl; ntstatus = RtlpInitializeAllowedAce( MaxAce, (USHORT) AceSize, AceData[i].InheritFlags, AceData[i].AceFlags, AceData[i].Mask, *(AceData[i].Sid) ); break; case ACCESS_DENIED_ACE_TYPE: AceSize += sizeof(ACCESS_DENIED_ACE); CurrentAcl = Dacl; ntstatus = RtlpInitializeDeniedAce( MaxAce, (USHORT) AceSize, AceData[i].InheritFlags, AceData[i].AceFlags, AceData[i].Mask, *(AceData[i].Sid) ); break; case SYSTEM_AUDIT_ACE_TYPE: AceSize += sizeof(SYSTEM_AUDIT_ACE); CurrentAcl = Sacl; ntstatus = RtlpInitializeAuditAce( MaxAce, (USHORT) AceSize, AceData[i].InheritFlags, AceData[i].AceFlags, AceData[i].Mask, *(AceData[i].Sid) ); break; } if ( !NT_SUCCESS( ntstatus ) ) { goto Cleanup; } // // Append the initialized ACE to the end of DACL or SACL // if (! NT_SUCCESS (ntstatus = RtlAddAce( CurrentAcl, ACL_REVISION, MAXULONG, MaxAce, AceSize ))) { goto Cleanup; } } // // Create the security descriptor with absolute pointers to SIDs // and ACLs. // // Owner = OwnerSid // Group = GroupSid // Dacl = Dacl // Sacl = Sacl // if (! NT_SUCCESS(ntstatus = RtlCreateSecurityDescriptor( AbsoluteSd, SECURITY_DESCRIPTOR_REVISION ))) { goto Cleanup; } if (! NT_SUCCESS(ntstatus = RtlSetOwnerSecurityDescriptor( AbsoluteSd, OwnerSid, FALSE ))) { goto Cleanup; } if (! NT_SUCCESS(ntstatus = RtlSetGroupSecurityDescriptor( AbsoluteSd, GroupSid, FALSE ))) { goto Cleanup; } if (! NT_SUCCESS(ntstatus = RtlSetDaclSecurityDescriptor( AbsoluteSd, TRUE, Dacl, FALSE ))) { goto Cleanup; } if (! NT_SUCCESS(ntstatus = RtlSetSaclSecurityDescriptor( AbsoluteSd, FALSE, Sacl, FALSE ))) { goto Cleanup; } // // Done // ntstatus = STATUS_SUCCESS; // // Clean up // Cleanup: // // Either return the security descriptor to the caller or delete it // if ( NT_SUCCESS( ntstatus ) ) { *NewDescriptor = AbsoluteSd; } else if ( AbsoluteSd != NULL ) { (void) RtlFreeHeap(HeapHandle, 0, AbsoluteSd); } // // Delete the temporary ACE // if ( MaxAce != NULL ) { (void) RtlFreeHeap(HeapHandle, 0, MaxAce); } return ntstatus; }

NTSTATUS RtlCreateUserSecurityObject (  IN PRTL_ACE_DATA  AceData, IN ULONG  AceCount, IN PSID  OwnerSid, IN PSID  GroupSid, IN BOOLEAN  IsDirectoryObject, IN PGENERIC_MAPPING  GenericMapping, OUT PSECURITY_DESCRIPTOR *  NewDescriptor )

Definition at line 1624 of file seurtl.c. References HeapHandle, NT_SUCCESS, NtClose(), NtOpenProcessToken(), NTSTATUS(), NULL, RtlCreateAndSetSD(), RtlFreeHeap, and RtlNewSecurityObject(). : This function creates the DACL for the security descriptor based on on the ACE information specified, and creates the security descriptor which becomes the user-mode security object. A sample usage of this function: // // Structure that describes the mapping of Generic access rights to // object specific access rights for the ConfigurationInfo object. // GENERIC_MAPPING WsConfigInfoMapping = { STANDARD_RIGHTS_READ | // Generic read WKSTA_CONFIG_GUEST_INFO_GET | WKSTA_CONFIG_USER_INFO_GET | WKSTA_CONFIG_ADMIN_INFO_GET, STANDARD_RIGHTS_WRITE | // Generic write WKSTA_CONFIG_INFO_SET, STANDARD_RIGHTS_EXECUTE, // Generic execute WKSTA_CONFIG_ALL_ACCESS // Generic all }; // // Order matters! These ACEs are inserted into the DACL in the // following order. Security access is granted or denied based on // the order of the ACEs in the DACL. // RTL_ACE_DATA AceData[4] = { {ACCESS_ALLOWED_ACE_TYPE, 0, 0, GENERIC_ALL, &LocalAdminSid}, {ACCESS_DENIED_ACE_TYPE, 0, 0, GENERIC_ALL, &NetworkSid}, {ACCESS_ALLOWED_ACE_TYPE, 0, 0, WKSTA_CONFIG_GUEST_INFO_GET | WKSTA_CONFIG_USER_INFO_GET, &DomainUsersSid}, {ACCESS_ALLOWED_ACE_TYPE, 0, 0, WKSTA_CONFIG_GUEST_INFO_GET, &DomainGuestsSid} }; PSECURITY_DESCRIPTOR WkstaSecurityObject; return RtlCreateUserSecurityObject( AceData, 4, LocalSystemSid, LocalSystemSid, FALSE, &WsConfigInfoMapping, &WkstaSecurityObject ); Arguments: AceData - Supplies the structure of information that describes the DACL. AceCount - Supplies the number of entries in AceData structure. OwnerSid - Supplies the pointer to the SID of the security descriptor owner. GroupSid - Supplies the pointer to the SID of the security descriptor primary group. IsDirectoryObject - Supplies the flag which indicates whether the user-mode object is a directory object. GenericMapping - Supplies the pointer to a generic mapping array denoting the mapping between each generic right to specific rights. NewDescriptor - Returns a pointer to the self-relative security descriptor which represents the user-mode object. Return Value: STATUS_SUCCESS - if successful STATUS_NO_MEMORY - if cannot allocate memory for DACL, ACEs, and security descriptor. Any other status codes returned from the security Rtl routines. NOTE : the user security object created by calling this function may be freed up by calling RtlDeleteSecurityObject(). --*/ { NTSTATUS ntstatus; PSECURITY_DESCRIPTOR AbsoluteSd; HANDLE TokenHandle; PVOID HeapHandle = RtlProcessHeap(); ntstatus = RtlCreateAndSetSD( AceData, AceCount, OwnerSid, GroupSid, &AbsoluteSd ); if (! NT_SUCCESS(ntstatus)) { return ntstatus; } ntstatus = NtOpenProcessToken( NtCurrentProcess(), TOKEN_QUERY, &TokenHandle ); if (! NT_SUCCESS(ntstatus)) { (void) RtlFreeHeap(HeapHandle, 0, AbsoluteSd); return ntstatus; } // // Create the security object (a user-mode object is really a pseudo- // object represented by a security descriptor that have relative // pointers to SIDs and ACLs). This routine allocates the memory to // hold the relative security descriptor so the memory allocated for the // DACL, ACEs, and the absolute descriptor can be freed. // ntstatus = RtlNewSecurityObject( NULL, // Parent descriptor AbsoluteSd, // Creator descriptor NewDescriptor, // Pointer to new descriptor IsDirectoryObject, // Is directory object TokenHandle, // Token GenericMapping // Generic mapping ); (void) NtClose(TokenHandle); // // Free dynamic memory before returning // (void) RtlFreeHeap(HeapHandle, 0, AbsoluteSd); return ntstatus; }

NTSTATUS RtlDefaultNpAcl (  OUT PACL *  pAcl  )

Definition at line 1860 of file seurtl.c. References ASSERT, NT_SUCCESS, NtClose(), NtOpenProcessToken(), NtOpenThreadToken(), NtQueryInformationToken(), NTSTATUS(), NULL, RtlAddAccessAllowedAce(), RtlAllocateHeap, RtlCreateAcl(), RtlFreeHeap, RtlInitializeSid(), RtlLengthRequiredSid(), RtlLengthSid(), RtlSubAuthoritySid(), Status, and TRUE. 01865 : 01866 01867 This routine constructs a default ACL to be applied to 01868 named pipe objects when the caller has not specified one. 01869 See NT bug 131090. 01870 01871 The ACL constructed is as follows: 01872 01873 Need to build an ACL that looks like the following: 01874 01875 Local System : F 01876 Administrators: F 01877 Owner: F 01878 Everyone: R 01879 01880 The owner is determined by querying the currently effective 01881 toke and extracting the default owner. 01882 01883 Arguments: 01884 01885 pAcl - Receives a pointer to an ACL to apply to the named pipe 01886 being created. Guaranteed to be NULL on return if an error 01887 occurs. 01888 01889 This must be freed by calling RtlFreeHeap. 01890 01891 Return Value: 01892 01893 NT Status. 01894 01895 --*/ 01896 { 01897 SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY; 01898 SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = SECURITY_CREATOR_SID_AUTHORITY; 01899 SID_IDENTIFIER_AUTHORITY WorldSidAuthority = SECURITY_WORLD_SID_AUTHORITY; 01900 01901 ULONG AclSize = 0; 01902 NTSTATUS Status = STATUS_SUCCESS; 01903 ULONG ReturnLength = 0; 01904 PTOKEN_OWNER OwnerSid = NULL; 01905 01906 HANDLE hToken; 01907 01908 // 01909 // Initialize OUT parameters 01910 // 01911 01912 *pAcl = NULL; 01913 01914 // 01915 // Open thread token 01916 // 01917 01918 Status = NtOpenThreadToken( 01919 NtCurrentThread(), 01920 TOKEN_QUERY, 01921 TRUE, 01922 &hToken 01923 ); 01924 01925 if (STATUS_NO_TOKEN == Status) { 01926 01927 // 01928 // Not impersonating, get process token 01929 // 01930 01931 Status = NtOpenProcessToken( 01932 NtCurrentProcess(), 01933 TOKEN_QUERY, 01934 &hToken 01935 ); 01936 } 01937 01938 if (NT_SUCCESS( Status )) { 01939 01940 // 01941 // Get the default owner 01942 // 01943 01944 Status = NtQueryInformationToken ( 01945 hToken, 01946 TokenOwner, 01947 NULL, 01948 0, 01949 &ReturnLength 01950 ); 01951 01952 if (STATUS_BUFFER_TOO_SMALL == Status) { 01953 01954 OwnerSid = (PTOKEN_OWNER)RtlAllocateHeap( RtlProcessHeap(), 0, ReturnLength ); 01955 01956 if (OwnerSid) { 01957 01958 Status = NtQueryInformationToken ( 01959 hToken, 01960 TokenOwner, 01961 OwnerSid, 01962 ReturnLength, 01963 &ReturnLength 01964 ); 01965 01966 if (NT_SUCCESS( Status )) { 01967 01968 // 01969 // Compute the size needed 01970 // 01971 01972 UCHAR SidBuffer[16]; 01973 ASSERT( 16 == RtlLengthRequiredSid( 2 )); 01974 01975 AclSize += RtlLengthRequiredSid( 1 ); // LocalSystem Sid 01976 AclSize += RtlLengthRequiredSid( 2 ); // Administrators 01977 AclSize += RtlLengthRequiredSid( 1 ); // Everyone (World) 01978 01979 AclSize += RtlLengthSid( OwnerSid->Owner ); // Owner 01980 01981 AclSize += sizeof( ACL ); // Header 01982 AclSize += 4 * (sizeof( ACCESS_ALLOWED_ACE ) - sizeof( ULONG )); 01983 01984 // 01985 // Allocate the Acl out of the local process heap 01986 // 01987 01988 *pAcl = (PACL)RtlAllocateHeap( RtlProcessHeap(), 0, AclSize ); 01989 01990 if (*pAcl != NULL) { 01991 01992 RtlCreateAcl( *pAcl, AclSize, ACL_REVISION ); 01993 01994 // 01995 // Create each SID in turn and copy the resultant ACE into 01996 // the new ACL 01997 // 01998 01999 // 02000 // Local System - Generic All 02001 // 02002 02003 RtlInitializeSid( SidBuffer, &NtAuthority, 1); 02004 *(RtlSubAuthoritySid( SidBuffer, 0 )) = SECURITY_LOCAL_SYSTEM_RID; 02005 RtlAddAccessAllowedAce( *pAcl, ACL_REVISION, GENERIC_ALL, (PSID)SidBuffer ); 02006 02007 // 02008 // Admins - Generic All 02009 // 02010 02011 RtlInitializeSid( SidBuffer, &NtAuthority, 2); 02012 *(RtlSubAuthoritySid( SidBuffer, 0 )) = SECURITY_BUILTIN_DOMAIN_RID; 02013 *(RtlSubAuthoritySid( SidBuffer, 1 )) = DOMAIN_ALIAS_RID_ADMINS; 02014 RtlAddAccessAllowedAce( *pAcl, ACL_REVISION, GENERIC_ALL, (PSID)SidBuffer ); 02015 02016 // 02017 // Owner - Generic All 02018 // 02019 02020 RtlAddAccessAllowedAce( *pAcl, ACL_REVISION, GENERIC_ALL, OwnerSid->Owner ); 02021 02022 // 02023 // World - Generic Read 02024 // 02025 02026 RtlInitializeSid( SidBuffer, &WorldSidAuthority, 1 ); 02027 *(RtlSubAuthoritySid( SidBuffer, 0 )) = SECURITY_WORLD_RID; 02028 RtlAddAccessAllowedAce( *pAcl, ACL_REVISION, GENERIC_READ, (PSID)SidBuffer ); 02029 02030 } else { 02031 02032 Status = STATUS_NO_MEMORY; 02033 } 02034 } 02035 02036 RtlFreeHeap( RtlProcessHeap(), 0, OwnerSid ); 02037 02038 } else { 02039 02040 Status = STATUS_NO_MEMORY; 02041 } 02042 } 02043 02044 NtClose( hToken ); 02045 } 02046 02047 if (!NT_SUCCESS( Status )) { 02048 02049 // 02050 // Something failed, clean up OUT 02051 // parameters. 02052 // 02053 02054 if (*pAcl != NULL) { 02055 RtlFreeHeap( RtlProcessHeap(), 0, *pAcl ); 02056 *pAcl = NULL; 02057 } 02058 } 02059 02060 return( Status ); 02061 } }

NTSTATUS RtlDeleteSecurityObject (  IN OUT PSECURITY_DESCRIPTOR *  ObjectDescriptor  )

Definition at line 633 of file seurtl.c. References RtlFreeHeap. : Delete a protected server object's security descriptor. This procedure, called only from user mode, is used to delete a security descriptor associated with a protected server's object. This routine will normally be called by a protected server during object deletion. - - WARNING - - This service is for use by protected subsystems that project their own type of object. This service is explicitly not for use by the executive for executive objects and must not be called from kernel mode. Arguments: ObjectDescriptor - Points to a pointer to a security descriptor to be deleted. Return Value: STATUS_SUCCESS - The operation was successful. --*/ { RtlFreeHeap( RtlProcessHeap(), 0, (PVOID)*ObjectDescriptor ); return( STATUS_SUCCESS ); }

NTSTATUS RtlNewInstanceSecurityObject (  IN BOOLEAN  ParentDescriptorChanged, IN BOOLEAN  CreatorDescriptorChanged, IN PLUID  OldClientTokenModifiedId, OUT PLUID  NewClientTokenModifiedId, IN PSECURITY_DESCRIPTOR ParentDescriptor  OPTIONAL, IN PSECURITY_DESCRIPTOR CreatorDescriptor  OPTIONAL, OUT PSECURITY_DESCRIPTOR *  NewDescriptor, IN BOOLEAN  IsDirectoryObject, IN HANDLE  Token, IN PGENERIC_MAPPING  GenericMapping )

Definition at line 680 of file seurtl.c. References ClientTokenStatistics, NT_SUCCESS, NtQueryInformationToken(), NTSTATUS(), NULL, RtlEqualLuid(), RtlNewSecurityObject(), Status, and Token. : If the return status is STATUS_SUCCESS and the NewSecurity return value is NULL, then the security desscriptor of the original instance of the object is valid for this instance as well. Arguments: ParentDescriptorChanged - Supplies a flag indicating whether the parent security descriptor has changed since the last time this set of parameters was used. CreatorDescriptorChanged - Supplies a flag indicating whether the creator security descriptor has changed since the last time this set of parameters was used. OldClientTokenModifiedId - Supplies the ModifiedId from the passed token that was in effect when this call was last made with these parameters. If the current ModifiedId is different from the one passed in here, the security descriptor must be rebuilt. NewClientTokenModifiedId - Returns the current ModifiedId from the passed token. ParentDescriptor - Supplies the Security Descriptor for the parent directory under which a new object is being created. If there is no parent directory, then this argument is specified as NULL. CreatorDescriptor - (Optionally) Points to a security descriptor presented by the creator of the object. If the creator of the object did not explicitly pass security information for the new object, then a null pointer should be passed. NewDescriptor - Points to a pointer that is to be made to point to the newly allocated self-relative security descriptor. IsDirectoryObject - Specifies if the new object is going to be a directory object. A value of TRUE indicates the object is a container of other objects. Token - Supplies the token for the client on whose behalf the object is being created. If it is an impersonation token, then it must be at SecurityIdentification level or higher. If it is not an impersonation token, the operation proceeds normally. A client token is used to retrieve default security information for the new object, such as default owner, primary group, and discretionary access control. The token must be open for TOKEN_QUERY access. GenericMapping - Supplies a pointer to a generic mapping array denoting the mapping between each generic right to specific rights. Return Value: return-value - Description of conditions needed to return value. - or - None. --*/ { TOKEN_STATISTICS ClientTokenStatistics; ULONG ReturnLength; NTSTATUS Status; // // Get the current token modified LUID // Status = NtQueryInformationToken( Token, // Handle TokenStatistics, // TokenInformationClass &ClientTokenStatistics, // TokenInformation sizeof(TOKEN_STATISTICS), // TokenInformationLength &ReturnLength // ReturnLength ); if ( !NT_SUCCESS( Status )) { return( Status ); } *NewClientTokenModifiedId = ClientTokenStatistics.ModifiedId; if ( RtlEqualLuid(NewClientTokenModifiedId, OldClientTokenModifiedId) ) { if ( !(ParentDescriptorChanged || CreatorDescriptorChanged) ) { // // The old security descriptor is valid for this new instance // of the object type as well. Pass back success and NULL for // the NewDescriptor. // *NewDescriptor = NULL; return( STATUS_SUCCESS ); } } // // Something has changed, take the long route and build a new // descriptor // return( RtlNewSecurityObject( ParentDescriptor, CreatorDescriptor, NewDescriptor, IsDirectoryObject, Token, GenericMapping )); }

NTSTATUS RtlNewSecurityGrantedAccess (  IN ACCESS_MASK  DesiredAccess, OUT PPRIVILEGE_SET  Privileges, IN OUT PULONG  Length, IN HANDLE Token  OPTIONAL, IN PGENERIC_MAPPING  GenericMapping, OUT PACCESS_MASK  RemainingDesiredAccess )

Definition at line 818 of file seurtl.c. References ASSERT, FALSE, NT_SUCCESS, NtClose(), NtOpenThreadToken(), NtPrivilegeCheck(), NtQueryInformationToken(), NTSTATUS(), RtlMapGenericMask(), Status, Token, and TRUE. : This routine implements privilege policy by examining the bits in a DesiredAccess mask and adjusting them based on privilege checks. Currently, a request for ACCESS_SYSTEM_SECURITY may only be satisfied by the caller having SeSecurityPrivilege. Note that this routine is only to be called when an object is being created. When an object is being opened, it is expected that NtAccessCheck will be called, and that routine will implement another policy for substituting privileges for DACL access. Arguments: DesiredAccess - Supplies the user's desired access mask Privileges - Supplies a pointer to an empty buffer in which will be returned a privilege set describing any privileges that were used to gain access. Note that this is not an optional parameter, that is, enough room for a single privilege must always be passed. Length - Supplies the length of the Privileges parameter in bytes. If the supplies length is not adequate to store the entire privilege set, this field will return the minimum length required. Token - (optionally) Supplies the token for the client on whose behalf the object is being accessed. If this value is specified as null, then the token on the thread is opened and examined to see if it is an impersonation token. If it is, then it must be at SecurityIdentification level or higher. If it is not an impersonation token, the operation proceeds normally. GenericMapping - Supplies the generic mapping associated with this object type. RemainingDesiredAccess - Returns the DesiredAccess mask after any bits have been masked off. If no access types could be granted, this mask will be identical to the one passed in. Return Value: STATUS_SUCCESS - The operation completed successfully. STATUS_BUFFER_TOO_SMALL - The passed buffer was not large enough to contain the information being returned. STATUS_BAD_IMPERSONATION_LEVEL - The caller or passed token was impersonating, but not at a high enough level. --*/ { PRIVILEGE_SET RequiredPrivilege; BOOLEAN Result = FALSE; NTSTATUS Status; ULONG PrivilegeCount = 0; HANDLE ThreadToken; BOOLEAN TokenPassed; TOKEN_STATISTICS ThreadTokenStatistics; ULONG ReturnLength; ULONG SizeRequired; ULONG PrivilegeNumber = 0; // // If the caller hasn't passed a token, call the kernel and get // his impersonation token. This call will fail if the caller is // not impersonating a client, so if the caller is not // impersonating someone, he'd better have passed in an explicit // token. // if (!ARGUMENT_PRESENT( Token )) { Status = NtOpenThreadToken( NtCurrentThread(), TOKEN_QUERY, TRUE, &ThreadToken ); TokenPassed = FALSE; if (!NT_SUCCESS( Status )) { return( Status ); } } else { ThreadToken = Token; TokenPassed = TRUE; } Status = NtQueryInformationToken( ThreadToken, // Handle TokenStatistics, // TokenInformationClass &ThreadTokenStatistics, // TokenInformation sizeof(TOKEN_STATISTICS), // TokenInformationLength &ReturnLength // ReturnLength ); ASSERT( NT_SUCCESS(Status) ); RtlMapGenericMask( &DesiredAccess, GenericMapping ); *RemainingDesiredAccess = DesiredAccess; if ( DesiredAccess & ACCESS_SYSTEM_SECURITY ) { RequiredPrivilege.PrivilegeCount = 1; RequiredPrivilege.Control = PRIVILEGE_SET_ALL_NECESSARY; RequiredPrivilege.Privilege[0].Luid = RtlConvertLongToLuid(SE_SECURITY_PRIVILEGE); RequiredPrivilege.Privilege[0].Attributes = 0; // // NtPrivilegeCheck will make sure we are impersonating // properly. // Status = NtPrivilegeCheck( ThreadToken, &RequiredPrivilege, &Result ); if ( (!NT_SUCCESS ( Status )) || (!Result) ) { if (!TokenPassed) { NtClose( ThreadToken ); } if ( !NT_SUCCESS( Status )) { return( Status ); } if ( !Result ) { return( STATUS_PRIVILEGE_NOT_HELD ); } } // // We have the required privilege, turn off the bit in // copy of the input mask and remember that we need to return // this privilege. // *RemainingDesiredAccess &= ~ACCESS_SYSTEM_SECURITY; } if (!TokenPassed) { NtClose( ThreadToken ); } SizeRequired = sizeof(PRIVILEGE_SET); if ( SizeRequired > *Length ) { *Length = SizeRequired; return( STATUS_BUFFER_TOO_SMALL ); } if (Result) { Privileges->PrivilegeCount = 1; Privileges->Control = 0; Privileges->Privilege[PrivilegeNumber].Luid = RtlConvertLongToLuid(SE_SECURITY_PRIVILEGE); Privileges->Privilege[PrivilegeNumber].Attributes = SE_PRIVILEGE_USED_FOR_ACCESS; } else { Privileges->PrivilegeCount = 0; Privileges->Control = 0; Privileges->Privilege[PrivilegeNumber].Luid = RtlConvertLongToLuid(0); Privileges->Privilege[PrivilegeNumber].Attributes = 0; } return( STATUS_SUCCESS ); }

NTSTATUS RtlNewSecurityObject (  IN PSECURITY_DESCRIPTOR ParentDescriptor  OPTIONAL, IN PSECURITY_DESCRIPTOR CreatorDescriptor  OPTIONAL, OUT PSECURITY_DESCRIPTOR *  NewDescriptor, IN BOOLEAN  IsDirectoryObject, IN HANDLE  Token, IN PGENERIC_MAPPING  GenericMapping )

Definition at line 280 of file seurtl.c. References NULL, RtlpNewSecurityObject(), and Token. Referenced by EhpAttachSecurity(), RtlCreateUserSecurityObject(), and RtlNewInstanceSecurityObject(). : See RtlpNewSecurityObject. - - WARNING - - This service is for use by protected subsystems that project their own type of object. This service is explicitly not for use by the executive for executive objects and must not be called from kernel mode. Arguments: See RtlpNewSecurityObject. Return Value: See RtlpNewSecurityObject. --*/ { // // Simple call the newer RtlpNewSecurityObject // return RtlpNewSecurityObject ( ParentDescriptor, CreatorDescriptor, NewDescriptor, NULL, // No ObjectType IsDirectoryObject, 0, // No Automatic inheritance Token, GenericMapping ); }

NTSTATUS RtlNewSecurityObjectEx (  IN PSECURITY_DESCRIPTOR ParentDescriptor  OPTIONAL, IN PSECURITY_DESCRIPTOR CreatorDescriptor  OPTIONAL, OUT PSECURITY_DESCRIPTOR *  NewDescriptor, IN GUID *ObjectType  OPTIONAL, IN BOOLEAN  IsDirectoryObject, IN ULONG  AutoInheritFlags, IN HANDLE Token  OPTIONAL, IN PGENERIC_MAPPING  GenericMapping )

Definition at line 226 of file seurtl.c. References RtlpNewSecurityObject(), and Token. : See RtlpNewSecurityObject. - - WARNING - - This service is for use by protected subsystems that project their own type of object. This service is explicitly not for use by the executive for executive objects and must not be called from kernel mode. Arguments: See RtlpNewSecurityObject. Return Value: See RtlpNewSecurityObject. --*/ { // // Simple call the newer RtlpNewSecurityObject // return RtlpNewSecurityObject ( ParentDescriptor, CreatorDescriptor, NewDescriptor, ObjectType, IsDirectoryObject, AutoInheritFlags, Token, GenericMapping ); }

NTSTATUS RtlpInitializeAllowedAce (  IN PACCESS_ALLOWED_ACE  AllowedAce, IN USHORT  AceSize, IN UCHAR  InheritFlags, IN UCHAR  AceFlags, IN ACCESS_MASK  Mask, IN PSID  AllowedSid )

Definition at line 1111 of file seurtl.c. References RtlCopySid(), and RtlLengthSid(). Referenced by RtlCreateAndSetSD(). : This function assigns the specified ACE values into an allowed type ACE. Arguments: AllowedAce - Supplies a pointer to the ACE that is initialized. AceSize - Supplies the size of the ACE in bytes. InheritFlags - Supplies ACE inherit flags. AceFlags - Supplies ACE type specific control flags. Mask - Supplies the allowed access masks. AllowedSid - Supplies the pointer to the SID of user/group which is allowed the specified access. Return Value: Returns status from RtlCopySid. --*/ { AllowedAce->Header.AceType = ACCESS_ALLOWED_ACE_TYPE; AllowedAce->Header.AceSize = AceSize; AllowedAce->Header.AceFlags = AceFlags | InheritFlags; AllowedAce->Mask = Mask; return RtlCopySid( RtlLengthSid(AllowedSid), &(AllowedAce->SidStart), AllowedSid ); }

NTSTATUS RtlpInitializeAuditAce (  IN PACCESS_ALLOWED_ACE  AuditAce, IN USHORT  AceSize, IN UCHAR  InheritFlags, IN UCHAR  AceFlags, IN ACCESS_MASK  Mask, IN PSID  AuditSid )

Definition at line 1211 of file seurtl.c. References RtlCopySid(), and RtlLengthSid(). Referenced by RtlCreateAndSetSD(). 01221 : 01222 01223 This function assigns the specified ACE values into an audit type ACE. 01224 01225 Arguments: 01226 01227 AuditAce - Supplies a pointer to the ACE that is initialized. 01228 01229 AceSize - Supplies the size of the ACE in bytes. 01230 01231 InheritFlags - Supplies ACE inherit flags. 01232 01233 AceFlags - Supplies ACE type specific control flags. 01234 01235 Mask - Supplies the allowed access masks. 01236 01237 AuditSid - Supplies the pointer to the SID of user/group which is to be 01238 audited. 01239 01240 Return Value: 01241 01242 Returns status from RtlCopySid. 01243 01244 --*/ 01245 { 01246 AuditAce->Header.AceType = SYSTEM_AUDIT_ACE_TYPE; 01247 AuditAce->Header.AceSize = AceSize; 01248 AuditAce->Header.AceFlags = AceFlags | InheritFlags; 01249 01250 AuditAce->Mask = Mask; 01251 01252 return RtlCopySid( 01253 RtlLengthSid(AuditSid), 01254 &(AuditAce->SidStart), 01255 AuditSid 01256 ); 01257 }

NTSTATUS RtlpInitializeDeniedAce (  IN PACCESS_DENIED_ACE  DeniedAce, IN USHORT  AceSize, IN UCHAR  InheritFlags, IN UCHAR  AceFlags, IN ACCESS_MASK  Mask, IN PSID  DeniedSid )

Definition at line 1161 of file seurtl.c. References RtlCopySid(), and RtlLengthSid(). Referenced by RtlCreateAndSetSD(). : This function assigns the specified ACE values into a denied type ACE. Arguments: DeniedAce - Supplies a pointer to the ACE that is initialized. AceSize - Supplies the size of the ACE in bytes. InheritFlags - Supplies ACE inherit flags. AceFlags - Supplies ACE type specific control flags. Mask - Supplies the denied access masks. AllowedSid - Supplies the pointer to the SID of user/group which is denied the specified access. Return Value: Returns status from RtlCopySid. --*/ { DeniedAce->Header.AceType = ACCESS_DENIED_ACE_TYPE; DeniedAce->Header.AceSize = AceSize; DeniedAce->Header.AceFlags = AceFlags | InheritFlags; DeniedAce->Mask = Mask; return RtlCopySid( RtlLengthSid(DeniedSid), &(DeniedAce->SidStart), DeniedSid ); }

NTSTATUS RtlQuerySecurityObject (  IN PSECURITY_DESCRIPTOR  ObjectDescriptor, IN SECURITY_INFORMATION  SecurityInformation, OUT PSECURITY_DESCRIPTOR  ResultantDescriptor, IN ULONG  DescriptorLength, OUT PULONG  ReturnLength )

Definition at line 418 of file seurtl.c. References Dacl, Group, NULL, Owner, RtlCreateSecurityDescriptor(), and SeLengthSid. : Query information from a protected server object's existing security descriptor. This procedure, called only from user mode, is used to retrieve information from a security descriptor on an existing protected server's object. All access checking is expected to be done before calling this routine. This includes checking for READ_CONTROL, and privilege to read a system ACL as appropriate. - - WARNING - - This service is for use by protected subsystems that project their own type of object. This service is explicitly not for use by the executive for executive objects and must not be called from kernel mode. Arguments: ObjectDescriptor - Points to a pointer to a security descriptor to be queried. SecurityInformation - Identifies the security information being requested. ResultantDescriptor - Points to buffer to receive the resultant security descriptor. The resultant security descriptor will contain all information requested by the SecurityInformation parameter. DescriptorLength - Is an unsigned integer which indicates the length, in bytes, of the buffer provided to receive the resultant descriptor. ReturnLength - Receives an unsigned integer indicating the actual number of bytes needed in the ResultantDescriptor to store the requested information. If the value returned is greater than the value passed via the DescriptorLength parameter, then STATUS_BUFFER_TOO_SMALL is returned and no information is returned. Return Value: STATUS_SUCCESS - The operation was successful. STATUS_BUFFER_TOO_SMALL - The buffer provided to receive the requested information was not large enough to hold the information. No information has been returned. STATUS_BAD_DESCRIPTOR_FORMAT - Indicates the provided object's security descriptor was not in self-relative format. --*/ { PSID Group; PSID Owner; PACL Dacl; PACL Sacl; ULONG GroupSize = 0; ULONG DaclSize = 0; ULONG SaclSize = 0; ULONG OwnerSize = 0; PCHAR Field; PCHAR Base; PISECURITY_DESCRIPTOR IObjectDescriptor; PISECURITY_DESCRIPTOR_RELATIVE IResultantDescriptor; IResultantDescriptor = (PISECURITY_DESCRIPTOR_RELATIVE)ResultantDescriptor; IObjectDescriptor = (PISECURITY_DESCRIPTOR)ObjectDescriptor; // // For each item specified in the SecurityInformation, extract it // and get it to the point where it can be copied into a new // descriptor. // if (SecurityInformation & GROUP_SECURITY_INFORMATION) { Group = RtlpGroupAddrSecurityDescriptor(IObjectDescriptor); GroupSize = LongAlignSize(SeLengthSid(Group)); } if (SecurityInformation & DACL_SECURITY_INFORMATION) { Dacl = RtlpDaclAddrSecurityDescriptor( IObjectDescriptor ); if (Dacl != NULL) { DaclSize = LongAlignSize(Dacl->AclSize); } } if (SecurityInformation & SACL_SECURITY_INFORMATION) { Sacl = RtlpSaclAddrSecurityDescriptor( IObjectDescriptor ); if (Sacl != NULL) { SaclSize = LongAlignSize(Sacl->AclSize); } } if (SecurityInformation & OWNER_SECURITY_INFORMATION) { Owner = RtlpOwnerAddrSecurityDescriptor ( IObjectDescriptor ); OwnerSize = LongAlignSize(SeLengthSid(Owner)); } *ReturnLength = sizeof( SECURITY_DESCRIPTOR_RELATIVE ) + GroupSize + DaclSize + SaclSize + OwnerSize; if (*ReturnLength > DescriptorLength) { return( STATUS_BUFFER_TOO_SMALL ); } RtlCreateSecurityDescriptor( IResultantDescriptor, SECURITY_DESCRIPTOR_REVISION ); RtlpSetControlBits( IResultantDescriptor, SE_SELF_RELATIVE ); Base = (PCHAR)(IResultantDescriptor); Field = Base + (ULONG)sizeof(SECURITY_DESCRIPTOR_RELATIVE); if (SecurityInformation & SACL_SECURITY_INFORMATION) { if (SaclSize > 0) { RtlMoveMemory( Field, Sacl, SaclSize ); IResultantDescriptor->Sacl = RtlPointerToOffset(Base,Field); Field += SaclSize; } RtlpPropagateControlBits( IResultantDescriptor, IObjectDescriptor, SE_SACL_PRESENT | SE_SACL_DEFAULTED ); } if (SecurityInformation & DACL_SECURITY_INFORMATION) { if (DaclSize > 0) { RtlMoveMemory( Field, Dacl, DaclSize ); IResultantDescriptor->Dacl = RtlPointerToOffset(Base,Field); Field += DaclSize; } RtlpPropagateControlBits( IResultantDescriptor, IObjectDescriptor, SE_DACL_PRESENT | SE_DACL_DEFAULTED ); } if (SecurityInformation & OWNER_SECURITY_INFORMATION) { if (OwnerSize > 0) { RtlMoveMemory( Field, Owner, OwnerSize ); IResultantDescriptor->Owner = RtlPointerToOffset(Base,Field); Field += OwnerSize; } RtlpPropagateControlBits( IResultantDescriptor, IObjectDescriptor, SE_OWNER_DEFAULTED ); } if (SecurityInformation & GROUP_SECURITY_INFORMATION) { if (GroupSize > 0) { RtlMoveMemory( Field, Group, GroupSize ); IResultantDescriptor->Group = RtlPointerToOffset(Base,Field); } RtlpPropagateControlBits( IResultantDescriptor, IObjectDescriptor, SE_GROUP_DEFAULTED ); } return( STATUS_SUCCESS ); }

NTSTATUS RtlSetSecurityObject (  IN SECURITY_INFORMATION  SecurityInformation, IN PSECURITY_DESCRIPTOR  ModificationDescriptor, IN OUT PSECURITY_DESCRIPTOR *  ObjectsSecurityDescriptor, IN PGENERIC_MAPPING  GenericMapping, IN HANDLE Token  OPTIONAL )

Definition at line 331 of file seurtl.c. References NULL, PagedPool, RtlpSetSecurityObject(), and Token. : See RtlpSetSecurityObject. Arguments: See RtlpSetSecurityObject. Return Value: See RtlpSetSecurityObject. --*/ { // // Simply call RtlpSetSecurityObject specifying no auto inheritance. // return RtlpSetSecurityObject( NULL, SecurityInformation, ModificationDescriptor, ObjectsSecurityDescriptor, 0, // No AutoInheritance PagedPool, GenericMapping, Token ); }

NTSTATUS RtlSetSecurityObjectEx (  IN SECURITY_INFORMATION  SecurityInformation, IN PSECURITY_DESCRIPTOR  ModificationDescriptor, IN OUT PSECURITY_DESCRIPTOR *  ObjectsSecurityDescriptor, IN ULONG  AutoInheritFlags, IN PGENERIC_MAPPING  GenericMapping, IN HANDLE Token  OPTIONAL )

Definition at line 373 of file seurtl.c. References NULL, PagedPool, RtlpSetSecurityObject(), and Token. : See RtlpSetSecurityObject. Arguments: See RtlpSetSecurityObject. Return Value: See RtlpSetSecurityObject. --*/ { // // Simply call RtlpSetSecurityObject specifying no auto inheritance. // return RtlpSetSecurityObject( NULL, SecurityInformation, ModificationDescriptor, ObjectsSecurityDescriptor, AutoInheritFlags, PagedPool, GenericMapping, Token ); }

---