-
Notifications
You must be signed in to change notification settings - Fork 0
/
dcomperm.h
294 lines (243 loc) · 4.68 KB
/
dcomperm.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
// THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
// ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO
// THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
// PARTICULAR PURPOSE.
//
// Copyright (c) Microsoft Corporation. All rights reserved.
#define GUIDSTR_MAX 38
#ifndef STR2UNI
#define STR2UNI(unistr, regstr) \
mbstowcs_s (NULL, unistr, RTL_NUMBER_OF(unistr), regstr, strlen (regstr)+1);
#define UNI2STR(regstr, unistr) \
wcstombs_s (NULL, regstr, RTL_NUMBER_OF(regstr), unistr, wcslen (unistr)+1);
#endif
#define ACE_TYPE_ALL ((DWORD)-1L)
#define SIZE_NAME_BUFFER 256
#define SIZE_MSG_BUFFER 256
#define SDTYPE_MACHINE_LAUNCH (0x1L)
#define SDTYPE_MACHINE_ACCESS (0x2L)
#define SDTYPE_DEFAULT_LAUNCH (0x4L)
#define SDTYPE_DEFAULT_ACCESS (0x8L)
#define SDTYPE_APPLICATION_LAUNCH (0x10L)
#define SDTYPE_APPLICATION_ACCESS (0x20L)
#define SDTYPE_ACCESS (SDTYPE_MACHINE_ACCESS|SDTYPE_DEFAULT_ACCESS|SDTYPE_APPLICATION_ACCESS)
#ifndef COM_RIGHTS_EXECUTE_LOCAL
#define COM_RIGHTS_EXECUTE_LOCAL 0x2
#endif
#ifndef COM_RIGHTS_EXECUTE_REMOTE
#define COM_RIGHTS_EXECUTE_REMOTE 0x4
#endif
#ifndef COM_RIGHTS_ACTIVATE_LOCAL
#define COM_RIGHTS_ACTIVATE_LOCAL 0x8
#endif
#ifndef COM_RIGHTS_ACTIVATE_REMOTE
#define COM_RIGHTS_ACTIVATE_REMOTE 0x10
#endif
//
// Wrappers
//
DWORD
ListMachineAccessACL();
DWORD
ListMachineLaunchACL();
DWORD
ListDefaultAccessACL();
DWORD
ListDefaultLaunchACL();
DWORD
ListAppIDAccessACL (
LPTSTR AppID
);
DWORD
ListAppIDLaunchACL (
LPTSTR AppID
);
DWORD
ChangeMachineAccessACL (
LPTSTR tszPrincipal,
BOOL fSetPrincipal,
BOOL fPermit,
DWORD dwAccessMask
);
DWORD
ChangeMachineLaunchAndActivateACL (
LPTSTR tszPrincipal,
BOOL fSetPrincipal,
BOOL fPermit,
DWORD dwAccessMask
);
DWORD
ChangeDefaultAccessACL (
LPTSTR Principal,
BOOL SetPrincipal,
BOOL Permit,
DWORD dwAccessMask
);
DWORD
ChangeDefaultLaunchAndActivateACL (
LPTSTR Principal,
BOOL SetPrincipal,
BOOL Permit,
DWORD dwAccessMask
);
DWORD
ChangeAppIDAccessACL (
LPTSTR AppID,
LPTSTR Principal,
BOOL SetPrincipal,
BOOL Permit,
DWORD dwAccessMask
);
DWORD
ChangeAppIDLaunchAndActivateACL (
LPTSTR AppID,
LPTSTR Principal,
BOOL SetPrincipal,
BOOL Permit,
DWORD dwAccessMask
);
DWORD GetRunAsPassword (
LPTSTR AppID,
LPTSTR Password
);
DWORD SetRunAsPassword (
LPTSTR AppID,
LPTSTR Principal,
LPTSTR Password
);
DWORD GetRunAsPassword (
LPTSTR AppID,
LPTSTR Password
);
DWORD SetRunAsPassword (
LPTSTR AppID,
LPTSTR Password
);
//
// Internal functions
//
DWORD
CreateNewSD (
SECURITY_DESCRIPTOR **SD
);
DWORD
SetAclDefaults(
PACL pDacl,
DWORD dwSDType
);
DWORD
MakeSDAbsolute (
PSECURITY_DESCRIPTOR OldSD,
PSECURITY_DESCRIPTOR *NewSD
);
DWORD
SetNamedValueSD (
HKEY RootKey,
LPTSTR KeyName,
LPTSTR ValueName,
SECURITY_DESCRIPTOR *SD
);
DWORD
GetNamedValueSD (
HKEY RootKey,
LPTSTR KeyName,
LPTSTR ValueName,
SECURITY_DESCRIPTOR **SD,
BOOL *NewSD
);
DWORD
ListNamedValueSD (
HKEY hkeyRoot,
LPTSTR tszKeyName,
LPTSTR tszValueName,
DWORD dwSDType
);
DWORD
AddPrincipalToNamedValueSD (
HKEY RootKey,
LPTSTR KeyName,
LPTSTR ValueName,
LPTSTR Principal,
BOOL Permit,
DWORD dwAccessMask,
DWORD dwSDType
);
DWORD
UpdatePrincipalInNamedValueSD (
HKEY hkeyRoot,
LPTSTR tszKeyName,
LPTSTR tszValueName,
LPTSTR tszPrincipal,
DWORD dwAccessMask,
BOOL fRemove,
DWORD fAceType
);
DWORD
RemovePrincipalFromNamedValueSD (
HKEY RootKey,
LPTSTR KeyName,
LPTSTR ValueName,
LPTSTR Principal,
DWORD fAceType
);
BOOL
IsLegacySecurityModel ();
DWORD
GetCurrentUserSID (
PSID *Sid
);
DWORD
GetPrincipalSID (
LPTSTR Principal,
PSID *Sid
);
DWORD
CopyACL (
PACL paclOld,
PACL paclNew
);
DWORD
AddAccessDeniedACEToACL (
PACL *paclOrig,
DWORD dwPermissionMask,
LPTSTR tszPrincipal
);
DWORD
AddAccessAllowedACEToACL (
PACL *paclOrig,
DWORD dwAccessMask,
LPTSTR tszPrincipal
);
DWORD
UpdatePrincipalInACL (
PACL paclOrig,
LPTSTR tszPrincipal,
DWORD dwAccessMask,
BOOL fRemove,
DWORD fAceType
);
DWORD
RemovePrincipalFromACL (
PACL paclOrig,
LPTSTR tszPrincipal,
DWORD fAceType
);
void
ListACL (
PACL Acl,
DWORD dwSDType
);
DWORD
SetAccountRights (
LPTSTR User,
LPTSTR Privilege
);
//
// Utility Functions
//
LPTSTR
SystemMessage (
LPTSTR szBuffer,
DWORD cbBuffer,
HRESULT hr
);