windows-nt/Source/XPSP1/NT/base/ntos/se/ctaccess.c

1268 lines
36 KiB
C
Raw Permalink Normal View History

2020-09-26 03:20:57 -05:00
/*++
Copyright (c) 1989 Microsoft Corporation
Module Name:
ctaccess.c
Abstract:
Common access validation test routines
These routines are used in both kernel and user mode tests.
This test assumes the security runtime library routines are
functioning correctly.
Author:
Robert Reichel (robertre) 12/14/90
Environment:
Test of access validation routines
Revision History:
v1: robertre
Created
--*/
#include "tsecomm.c" // Mode dependent macros and routines.
//
// Define the local macros and procedure for this module
//
//
// Return a pointer to the first Ace in an Acl (even if the Acl is empty).
//
// PACE_HEADER
// FirstAce (
// IN PACL Acl
// );
//
#define FirstAce(Acl) ((PVOID)((PUCHAR)(Acl) + sizeof(ACL)))
//
// Return a pointer to the next Ace in a sequence (even if the input
// Ace is the one in the sequence).
//
// PACE_HEADER
// NextAce (
// IN PACE_HEADER Ace
// );
//
#define NextAce(Ace) ((PVOID)((PUCHAR)(Ace) + ((PACE_HEADER)(Ace))->AceSize))
VOID
DumpAcl (
IN PACL Acl
);
////////////////////////////////////////////////////////////////
// //
// Module wide variables //
// //
////////////////////////////////////////////////////////////////
#define DEFAULT_DACL_LENGTH (1024L)
#define GROUP_IDS_LENGTH (1024L)
#define NEW_GROUP_STATE_LENGTH (1024L)
#define PRIVILEGES_LENGTH (128L)
#define TOO_BIG_ACL_SIZE (2048L)
//
// definitions related to TokenWithGroups
//
#define FLINTSTONE_INDEX (0L)
#define CHILD_INDEX (1L)
#define NEANDERTHOL_INDEX (2L)
#define WORLD_INDEX (3L)
#define GROUP_COUNT (4L)
//
// Definitions related to TokenWithPrivileges
//
#define UNSOLICITED_INDEX (0L)
#define SECURITY_INDEX (1L)
#define PRIVILEGE_COUNT (2L)
//
// Access types
//
#define SET_WIDGET_COLOR 0x00000001
#define SET_WIDGET_SIZE 0x00000002
#define GET_WIDGET_COLOR 0x00000004
#define GET_WIDGET_SIZE 0x00000008
#define START_WIDGET 0x00000010
#define STOP_WIDGET 0x00000020
#define GIVE_WIDGET 0x00000040
#define TAKE_WIDGET 0x00000080
NTSTATUS Status;
HANDLE SimpleToken;
HANDLE TokenWithGroups;
HANDLE TokenWithDefaultOwner;
HANDLE TokenWithPrivileges;
HANDLE TokenWithDefaultDacl;
HANDLE Token;
HANDLE ImpersonationToken;
HANDLE PrimaryToken;
HANDLE AnonymousToken;
OBJECT_ATTRIBUTES PrimaryTokenAttributes;
PSECURITY_DESCRIPTOR PrimarySecurityDescriptor;
SECURITY_QUALITY_OF_SERVICE PrimarySecurityQos;
OBJECT_ATTRIBUTES ImpersonationTokenAttributes;
PSECURITY_DESCRIPTOR ImpersonationSecurityDescriptor;
SECURITY_QUALITY_OF_SERVICE ImpersonationSecurityQos;
OBJECT_ATTRIBUTES AnonymousTokenAttributes;
PSECURITY_DESCRIPTOR AnonymousSecurityDescriptor;
SECURITY_QUALITY_OF_SERVICE AnonymousSecurityQos;
ULONG DisabledGroupAttributes;
ULONG OptionalGroupAttributes;
ULONG NormalGroupAttributes;
ULONG OwnerGroupAttributes;
ULONG LengthAvailable;
ULONG CurrentLength;
TIME_FIELDS TempTimeFields = {3000, 1, 1, 1, 1, 1, 1, 1};
LARGE_INTEGER NoExpiration;
LUID DummyAuthenticationId;
LUID SystemAuthenticationId = SYSTEM_LUID;
TOKEN_SOURCE TestSource = {"SE: TEST", 0};
PSID Owner;
PSID Group;
PACL Dacl;
PSID TempOwner;
PSID TempGroup;
PACL TempDacl;
////////////////////////////////////////////////////////////////
// //
// Initialization Routine //
// //
////////////////////////////////////////////////////////////////
BOOLEAN
TestTokenInitialize()
{
TSeVariableInitialization(); // Initialize global variables
DisabledGroupAttributes = (SE_GROUP_ENABLED_BY_DEFAULT);
OptionalGroupAttributes = (SE_GROUP_ENABLED_BY_DEFAULT |
SE_GROUP_ENABLED
);
NormalGroupAttributes = (SE_GROUP_MANDATORY |
SE_GROUP_ENABLED_BY_DEFAULT |
SE_GROUP_ENABLED
);
OwnerGroupAttributes = (SE_GROUP_MANDATORY |
SE_GROUP_ENABLED_BY_DEFAULT |
SE_GROUP_ENABLED |
SE_GROUP_OWNER
);
PrimarySecurityDescriptor =
(PSECURITY_DESCRIPTOR)TstAllocatePool( PagedPool, 1024 );
InitializeObjectAttributes(
&PrimaryTokenAttributes,
NULL,
OBJ_INHERIT,
NULL,
NULL
);
ImpersonationSecurityDescriptor =
(PSECURITY_DESCRIPTOR)TstAllocatePool( PagedPool, 1024 );
ImpersonationSecurityQos.Length = (ULONG)sizeof(SECURITY_QUALITY_OF_SERVICE);
ImpersonationSecurityQos.ImpersonationLevel = SecurityImpersonation;
ImpersonationSecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
ImpersonationSecurityQos.EffectiveOnly = FALSE;
InitializeObjectAttributes(
&ImpersonationTokenAttributes,
NULL,
OBJ_INHERIT,
NULL,
NULL
);
ImpersonationTokenAttributes.SecurityQualityOfService =
&ImpersonationSecurityQos;
AnonymousSecurityDescriptor =
(PSECURITY_DESCRIPTOR)TstAllocatePool( PagedPool, 1024 );
AnonymousSecurityQos.Length = (ULONG)sizeof(SECURITY_QUALITY_OF_SERVICE);
AnonymousSecurityQos.ImpersonationLevel = SecurityAnonymous;
AnonymousSecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
AnonymousSecurityQos.EffectiveOnly = FALSE;
InitializeObjectAttributes(
&AnonymousTokenAttributes,
NULL,
OBJ_INHERIT,
NULL,
NULL
);
AnonymousTokenAttributes.SecurityQualityOfService =
&AnonymousSecurityQos;
//
// Build an ACL for use.
//
Dacl = (PACL)TstAllocatePool( PagedPool, 256 );
Dacl->AclRevision=ACL_REVISION;
Dacl->Sbz1=0;
Dacl->Sbz2=0;
Dacl->AclSize=256;
Dacl->AceCount=0;
//
// Set up expiration times
//
TempTimeFields.Year = 3000;
TempTimeFields.Month = 1;
TempTimeFields.Day = 1;
TempTimeFields.Hour = 1;
TempTimeFields.Minute = 1;
TempTimeFields.Second = 1;
TempTimeFields.Milliseconds = 1;
TempTimeFields.Weekday = 1;
RtlTimeFieldsToTime( &TempTimeFields, &NoExpiration );
//
// Use a dummy authentication ID for a while.
//
DummyAuthenticationId = FredLuid;
//
// Use a token source specific to security test
//
NtAllocateLocallyUniqueId( &(TestSource.SourceIdentifier) );
DbgPrint("Done.\n");
return TRUE;
}
BOOLEAN
CreateDAclToken()
{
BOOLEAN CompletionStatus = TRUE;
TOKEN_USER UserId;
TOKEN_PRIMARY_GROUP PrimaryGroup;
PTOKEN_GROUPS GroupIds;
PTOKEN_PRIVILEGES Privileges;
TOKEN_DEFAULT_DACL DefaultDacl;
TOKEN_OWNER Owner;
PSECURITY_DESCRIPTOR Widget1SecurityDescriptor;
NTSTATUS AccessStatus;
ACCESS_MASK GrantedAccess;
PACCESS_ALLOWED_ACE AllowBarneySetColor;
PACCESS_ALLOWED_ACE AllowFredSetColor;
PACCESS_DENIED_ACE DenyPebblesSetColor;
PACCESS_ALLOWED_ACE AllowPebblesSetColor;
PACCESS_DENIED_ACE DenyFredSetColor;
PACCESS_ALLOWED_ACE AllowBarneySetSize;
PACCESS_ALLOWED_ACE AllowPebblesSetSize;
PACCESS_ALLOWED_ACE AllowPebblesGetColor;
PACCESS_ALLOWED_ACE AllowPebblesGetSize;
USHORT AllowBarneySetColorLength;
USHORT AllowFredSetColorLength;
USHORT DenyPebblesSetColorLength;
USHORT AllowPebblesSetColorLength;
USHORT DenyFredSetColorLength;
USHORT AllowBarneySetSizeLength;
USHORT AllowPebblesSetSizeLength;
USHORT AllowPebblesGetColorLength;
USHORT AllowPebblesGetSizeLength;
DbgPrint("\n");
GroupIds = (PTOKEN_GROUPS)TstAllocatePool( PagedPool,
GROUP_IDS_LENGTH
);
Privileges = (PTOKEN_PRIVILEGES)TstAllocatePool( PagedPool,
PRIVILEGES_LENGTH
);
DefaultDacl.DefaultDacl = (PACL)TstAllocatePool( PagedPool,
DEFAULT_DACL_LENGTH
);
//
// Create a token with default DACL
//
DbgPrint("Se: Create Token With Default Dacl ... ");
GroupIds->GroupCount = GROUP_COUNT;
GroupIds->Groups[FLINTSTONE_INDEX].Sid = FlintstoneSid;
GroupIds->Groups[CHILD_INDEX].Sid = ChildSid;
GroupIds->Groups[NEANDERTHOL_INDEX].Sid = NeandertholSid;
GroupIds->Groups[WORLD_INDEX].Sid = WorldSid;
GroupIds->Groups[FLINTSTONE_INDEX].Attributes = OwnerGroupAttributes;
GroupIds->Groups[CHILD_INDEX].Attributes = OptionalGroupAttributes;
GroupIds->Groups[NEANDERTHOL_INDEX].Attributes = OptionalGroupAttributes;
GroupIds->Groups[WORLD_INDEX].Attributes = NormalGroupAttributes;
UserId.User.Sid = PebblesSid;
UserId.User.Attributes = 0;
Owner.Owner = FlintstoneSid;
Privileges->PrivilegeCount = PRIVILEGE_COUNT;
Privileges->Privileges[UNSOLICITED_INDEX].Luid = UnsolicitedInputPrivilege;
Privileges->Privileges[SECURITY_INDEX].Luid = SecurityPrivilege;
Privileges->Privileges[UNSOLICITED_INDEX].Attributes = 0;
Privileges->Privileges[SECURITY_INDEX].Attributes = 0;
PrimaryGroup.PrimaryGroup = FlintstoneSid;
Status = RtlCreateAcl( DefaultDacl.DefaultDacl, DEFAULT_DACL_LENGTH, ACL_REVISION);
ASSERT(NT_SUCCESS(Status) );
Status = NtCreateToken(
&PrimaryToken, // Handle
(TOKEN_ALL_ACCESS), // DesiredAccess
&PrimaryTokenAttributes, // ObjectAttributes
TokenPrimary, // TokenType
&DummyAuthenticationId, // Authentication LUID
&NoExpiration, // Expiration Time
&UserId, // Owner ID
GroupIds, // Group IDs
Privileges, // Privileges
&Owner, // Owner
&PrimaryGroup, // Primary Group
&DefaultDacl, // Default Dacl
&TestSource // TokenSource
);
if (NT_SUCCESS(Status)) {
DbgPrint("Succeeded.\n");
} else {
DbgPrint("********** Failed ************\n");
DbgPrint("Status is: 0x%lx \n", Status);
CompletionStatus = FALSE;
}
ASSERT(NT_SUCCESS(Status));
//
// Create an impersonation token, Impersonation level = Impersonation
//
DbgPrint("Se: Create an impersonation token ... ");
GroupIds->GroupCount = GROUP_COUNT;
GroupIds->Groups[FLINTSTONE_INDEX].Sid = FlintstoneSid;
GroupIds->Groups[CHILD_INDEX].Sid = ChildSid;
GroupIds->Groups[NEANDERTHOL_INDEX].Sid = NeandertholSid;
GroupIds->Groups[WORLD_INDEX].Sid = WorldSid;
GroupIds->Groups[FLINTSTONE_INDEX].Attributes = OwnerGroupAttributes;
GroupIds->Groups[CHILD_INDEX].Attributes = OptionalGroupAttributes;
GroupIds->Groups[NEANDERTHOL_INDEX].Attributes = OptionalGroupAttributes;
GroupIds->Groups[WORLD_INDEX].Attributes = NormalGroupAttributes;
UserId.User.Sid = PebblesSid;
UserId.User.Attributes = 0;
Owner.Owner = FlintstoneSid;
Privileges->PrivilegeCount = PRIVILEGE_COUNT;
Privileges->Privileges[UNSOLICITED_INDEX].Luid = UnsolicitedInputPrivilege;
Privileges->Privileges[SECURITY_INDEX].Luid = SecurityPrivilege;
Privileges->Privileges[UNSOLICITED_INDEX].Attributes = 0;
Privileges->Privileges[SECURITY_INDEX].Attributes = 0;
PrimaryGroup.PrimaryGroup = FlintstoneSid;
Status = RtlCreateAcl( DefaultDacl.DefaultDacl, DEFAULT_DACL_LENGTH, ACL_REVISION);
ASSERT(NT_SUCCESS(Status) );
Status = NtCreateToken(
&ImpersonationToken, // Handle
(TOKEN_ALL_ACCESS), // DesiredAccess
&ImpersonationTokenAttributes, // ObjectAttributes
TokenImpersonation, // TokenType
&DummyAuthenticationId, // Authentication LUID
&NoExpiration, // Expiration Time
&UserId, // Owner ID
GroupIds, // Group IDs
Privileges, // Privileges
&Owner, // Owner
&PrimaryGroup, // Primary Group
&DefaultDacl, // Default Dacl
&TestSource // TokenSource
);
if (NT_SUCCESS(Status)) {
DbgPrint("Succeeded.\n");
} else {
DbgPrint("********** Failed ************\n");
DbgPrint("Status is: 0x%lx \n", Status);
CompletionStatus = FALSE;
}
ASSERT(NT_SUCCESS(Status));
//
// Attach tokens to process
//
NtSetInformationProcess(
NtCurrentProcess(),
ProcessAccessToken,
&PrimaryToken,
sizeof( PHANDLE ));
NtSetInformationThread(
NtCurrentThread(),
ThreadImpersonationToken,
&ImpersonationToken,
sizeof( PHANDLE ));
// Create some ACEs
// AllowBarneySetColor
AllowBarneySetColorLength = (USHORT)(sizeof( ACCESS_ALLOWED_ACE ) - sizeof( ULONG ) +
SeLengthSid( BarneySid ));
AllowBarneySetColor = (PVOID) TstAllocatePool ( PagedPool, AllowBarneySetColorLength );
AllowBarneySetColor->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
AllowBarneySetColor->Header.AceSize = AllowBarneySetColorLength;
AllowBarneySetColor->Header.AceFlags = 0;
AllowBarneySetColor->Mask = SET_WIDGET_COLOR;
RtlCopySid(
SeLengthSid( BarneySid ),
&(AllowBarneySetColor->SidStart),
BarneySid );
// DenyPebblesSetColor
DenyPebblesSetColorLength = (USHORT)(sizeof( ACCESS_DENIED_ACE ) - sizeof( ULONG ) +
SeLengthSid( BarneySid ));
DenyPebblesSetColor = (PVOID) TstAllocatePool ( PagedPool, DenyPebblesSetColorLength );
DenyPebblesSetColor->Header.AceType = ACCESS_DENIED_ACE_TYPE;
DenyPebblesSetColor->Header.AceSize = DenyPebblesSetColorLength;
DenyPebblesSetColor->Header.AceFlags = 0;
DenyPebblesSetColor->Mask = SET_WIDGET_COLOR;
RtlCopySid(
SeLengthSid( PebblesSid ),
&(DenyPebblesSetColor->SidStart),
PebblesSid );
// AllowFredSetColor
AllowFredSetColorLength = (USHORT)(sizeof( ACCESS_ALLOWED_ACE ) - sizeof( ULONG ) +
SeLengthSid( FredSid ));
AllowFredSetColor = (PVOID) TstAllocatePool ( PagedPool, AllowFredSetColorLength );
AllowFredSetColor->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
AllowFredSetColor->Header.AceSize = AllowFredSetColorLength;
AllowFredSetColor->Header.AceFlags = 0;
AllowFredSetColor->Mask = SET_WIDGET_COLOR;
RtlCopySid(
SeLengthSid( FredSid ),
&(AllowFredSetColor->SidStart),
FredSid );
// AllowPebblesSetColor
AllowPebblesSetColorLength = (USHORT)(sizeof( ACCESS_ALLOWED_ACE ) - sizeof( ULONG ) +
SeLengthSid( PebblesSid ));
AllowPebblesSetColor = (PVOID) TstAllocatePool ( PagedPool, AllowPebblesSetColorLength );
AllowPebblesSetColor->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
AllowPebblesSetColor->Header.AceSize = AllowPebblesSetColorLength;
AllowPebblesSetColor->Header.AceFlags = 0;
AllowPebblesSetColor->Mask = SET_WIDGET_COLOR;
RtlCopySid(
SeLengthSid( PebblesSid ),
&(AllowPebblesSetColor->SidStart),
PebblesSid );
// DenyFredSetColor
DenyFredSetColorLength = (USHORT)(sizeof( ACCESS_DENIED_ACE ) - sizeof( ULONG ) +
SeLengthSid( FredSid ));
DenyFredSetColor = (PVOID) TstAllocatePool ( PagedPool, DenyFredSetColorLength );
DenyFredSetColor->Header.AceType = ACCESS_DENIED_ACE_TYPE;
DenyFredSetColor->Header.AceSize = DenyFredSetColorLength;
DenyFredSetColor->Header.AceFlags = 0;
DenyFredSetColor->Mask = SET_WIDGET_COLOR;
RtlCopySid(
SeLengthSid( FredSid ),
&(DenyFredSetColor->SidStart),
FredSid );
// AllowBarneySetSize
AllowBarneySetSizeLength = (USHORT)(sizeof( ACCESS_ALLOWED_ACE ) - sizeof( ULONG ) +
SeLengthSid( BarneySid ));
AllowBarneySetSize = (PVOID) TstAllocatePool ( PagedPool, AllowBarneySetSizeLength );
AllowBarneySetSize->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
AllowBarneySetSize->Header.AceSize = AllowBarneySetSizeLength;
AllowBarneySetSize->Header.AceFlags = 0;
AllowBarneySetSize->Mask = SET_WIDGET_SIZE;
RtlCopySid(
SeLengthSid( BarneySid ),
&(AllowBarneySetSize->SidStart),
BarneySid );
// AllowPebblesSetSize
AllowPebblesSetSizeLength = (USHORT)(sizeof( ACCESS_ALLOWED_ACE ) - sizeof( ULONG ) +
SeLengthSid( PebblesSid ));
AllowPebblesSetSize = (PVOID) TstAllocatePool ( PagedPool, AllowPebblesSetSizeLength );
AllowPebblesSetSize->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
AllowPebblesSetSize->Header.AceSize = AllowPebblesSetSizeLength;
AllowPebblesSetSize->Header.AceFlags = 0;
AllowPebblesSetSize->Mask = SET_WIDGET_SIZE;
RtlCopySid(
SeLengthSid( PebblesSid ),
&(AllowPebblesSetSize->SidStart),
PebblesSid );
// AllowPebblesGetSize
AllowPebblesGetSizeLength = (USHORT)(sizeof( ACCESS_ALLOWED_ACE ) - sizeof( ULONG ) +
SeLengthSid( PebblesSid ));
AllowPebblesGetSize = (PVOID) TstAllocatePool ( PagedPool, AllowPebblesGetSizeLength );
AllowPebblesGetSize->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
AllowPebblesGetSize->Header.AceSize = AllowPebblesGetSizeLength;
AllowPebblesGetSize->Header.AceFlags = 0;
AllowPebblesGetSize->Mask = SET_WIDGET_SIZE;
RtlCopySid(
SeLengthSid( PebblesSid ),
&(AllowPebblesGetSize->SidStart),
PebblesSid );
// AllowPebblesGetColor
AllowPebblesGetColorLength = (USHORT)(sizeof( ACCESS_ALLOWED_ACE ) - sizeof( ULONG ) +
SeLengthSid( PebblesSid ));
AllowPebblesGetColor = (PVOID) TstAllocatePool ( PagedPool, AllowPebblesGetColorLength );
AllowPebblesGetColor->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
AllowPebblesGetColor->Header.AceSize = AllowPebblesGetColorLength;
AllowPebblesGetColor->Header.AceFlags = 0;
AllowPebblesGetColor->Mask = SET_WIDGET_COLOR;
RtlCopySid(
SeLengthSid( PebblesSid ),
&(AllowPebblesGetColor->SidStart),
PebblesSid );
//
// Create some ACLs that we can put into a Security Descriptor
//
DbgBreakPoint();
//
// Dacl
//
// +----------------+ +----------------+ +----------------+
// | 1st ACE | | 2nd ACE | | 3rd ACE |
// +----------------+ +----------------+ +----------------+
// | AccessAllowed | | AccessDenied | | AccessAllowed |
// +----------------+ +----------------+ +----------------+
// | BARNEY | | PEBBLES | | FRED |
// +----------------+ +----------------+ +----------------+
// | SetWidgeColor | | SetWidgeColor | | SetWidgeColor |
// +----------------+ +----------------+ +----------------+
//
Dacl = (PACL) TstAllocatePool ( PagedPool, 2048 );
RtlCreateAcl( Dacl, 2048, ACL_REVISION);
RtlAddAce ( Dacl,
ACL_REVISION,
0,
AllowBarneySetColor,
AllowBarneySetColorLength );
RtlAddAce ( Dacl,
ACL_REVISION,
1,
DenyPebblesSetColor,
DenyPebblesSetColorLength );
RtlAddAce ( Dacl,
ACL_REVISION,
2,
DenyFredSetColor,
AllowFredSetColorLength );
DumpAcl (Dacl);
// Create a security descriptor
//
// Owner = Pebbles
// Group = Flintstone
// Dacl = Dacl
// Sacl = NULL
//
Widget1SecurityDescriptor =
(PSECURITY_DESCRIPTOR)TstAllocatePool( PagedPool, 1024 );
RtlCreateSecurityDescriptor( Widget1SecurityDescriptor,
1 );
RtlSetOwnerSecurityDescriptor( Widget1SecurityDescriptor,
PebblesSid,
FALSE );
RtlSetGroupSecurityDescriptor( Widget1SecurityDescriptor,
FlintstoneSid,
FALSE );
RtlSetDaclSecurityDescriptor( Widget1SecurityDescriptor,
TRUE,
Dacl,
FALSE );
RtlSetSaclSecurityDescriptor( Widget1SecurityDescriptor,
FALSE,
NULL,
NULL );
// See if Pebbles is allowed SET_WIDGET_COLOR (should be denied)
Status = NtAccessCheck( Widget1SecurityDescriptor,
PrimaryToken,
(ACCESS_MASK) SET_WIDGET_COLOR,
&GrantedAccess,
&AccessStatus );
// DbgBreakPoint();
ASSERT(NT_SUCCESS(Status));
ASSERT(!NT_SUCCESS(AccessStatus));
ASSERT(GrantedAccess == NULL);
// Update Dacl to be the following:
//
// Dacl2
//
// +----------------+ +----------------+ +----------------+
// | 1st ACE | | 2nd ACE | | 3rd ACE |
// +----------------+ +----------------+ +----------------+
// | AccessAllowed | | AccessAllowed | | AccessDenied |
// +----------------+ +----------------+ +----------------+
// | BARNEY | | PEBBLES | | FRED |
// +----------------+ +----------------+ +----------------+
// | SetWidgeColor | | SetWidgeColor | | SetWidgeColor |
// +----------------+ +----------------+ +----------------+
//
// Delete 2nd Ace
RtlDeleteAce (Dacl, 1);
RtlAddAce ( Dacl,
ACL_REVISION,
1,
AllowPebblesSetColor,
AllowPebblesSetColorLength );
RtlDeleteAce ( Dacl, 2 );
RtlAddAce ( Dacl,
ACL_REVISION,
1,
DenyFredSetColor,
DenyFredSetColorLength );
// Change the security descriptor to use updated Dacl
//
// Owner = Pebbles
// Group = Flintstone
// Dacl = Dacl2
// Sacl = NULL
//
RtlSetDaclSecurityDescriptor( Widget1SecurityDescriptor,
TRUE,
Dacl,
FALSE );
// See if Pebbles is allowed SET_WIDGET_COLOR (should be permitted)
Status = NtAccessCheck( Widget1SecurityDescriptor,
PrimaryToken,
(ACCESS_MASK) SET_WIDGET_COLOR,
&GrantedAccess,
&AccessStatus );
ASSERT(NT_SUCCESS(Status));
ASSERT(NT_SUCCESS(AccessStatus));
ASSERT(GrantedAccess == (ACCESS_MASK)SET_WIDGET_COLOR);
//
// Dacl3
//
// +----------------+ +----------------+ +----------------+
// | 1st ACE | | 2nd ACE | | 3rd ACE |
// +----------------+ +----------------+ +----------------+
// | AccessAllowed | | AccessAllowed | | AccessDenied |
// +----------------+ +----------------+ +----------------+
// | BARNEY | | PEBBLES | | FRED |
// +----------------+ +----------------+ +----------------+
// | SetWidgeColor | | SetWidgeColor | | SetWidgeColor |
// +----------------+ +----------------+ +----------------+
//
// +----------------+ +----------------+
// | 4th ACE | | 5th ACE |
// +----------------+ +----------------+
// | AccessAllowed | | AccessAllowed |
// +----------------+ +----------------+
// | BARNEY | | PEBBLES |
// +----------------+ +----------------+
// | SetWidgeSize | | SetWidgeSize |
// +----------------+ +----------------+
//
RtlAddAce ( Dacl,
ACL_REVISION,
MAXULONG,
AllowBarneySetSize,
AllowBarneySetSizeLength );
RtlAddAce ( Dacl,
ACL_REVISION,
MAXULONG,
AllowPebblesSetSize,
AllowPebblesSetSizeLength );
// Change the security descriptor to use Dacl3
//
// Owner = Pebbles
// Group = Flintstone
// Dacl = Dacl3
// Sacl = NULL
//
RtlSetDaclSecurityDescriptor( Widget1SecurityDescriptor,
TRUE,
Dacl,
FALSE );
// Request MAXIMUM_ACCESS for Pebbles. Should get back SetWidgetSize
// and SetWidgetColor
Status = NtAccessCheck( Widget1SecurityDescriptor,
PrimaryToken,
(ACCESS_MASK) MAXIMUM_ALLOWED,
&GrantedAccess,
&AccessStatus );
ASSERT(NT_SUCCESS(Status));
ASSERT(NT_SUCCESS(AccessStatus));
ASSERT(GrantedAccess == (ACCESS_MASK) (SET_WIDGET_COLOR | SET_WIDGET_SIZE));
//
// Dacl4
//
// +----------------+ +----------------+ +----------------+
// | 1st ACE | | 2nd ACE | | 3rd ACE |
// +----------------+ +----------------+ +----------------+
// | AccessAllowed | | AccessAllowed | | AccessDenied |
// +----------------+ +----------------+ +----------------+
// | BARNEY | | PEBBLES | | FRED |
// +----------------+ +----------------+ +----------------+
// | SetWidgeColor | | SetWidgeColor | | SetWidgeColor |
// +----------------+ +----------------+ +----------------+
//
// +----------------+ +----------------+ +----------------+
// | 4th ACE | | 5th ACE | | 6th ACE |
// +----------------+ +----------------+ +----------------+
// | AccessAllowed | | AccessAllowed | | AccessDenied |
// +----------------+ +----------------+ +----------------+
// | BARNEY | | PEBBLES | | PEBBLES |
// +----------------+ +----------------+ +----------------+
// | SetWidgeSize | | SetWidgeSize | | SetWidgeColor |
// +----------------+ +----------------+ +----------------+
//
RtlAddAce ( Dacl,
ACL_REVISION,
MAXULONG,
DenyPebblesSetColor,
DenyPebblesSetColorLength );
RtlSetDaclSecurityDescriptor( Widget1SecurityDescriptor,
TRUE,
Dacl,
FALSE );
// Request MAXIMUM_ACCESS for Pebbles. Should get back SetWidgetSize
// and SetWidgetColor
Status = NtAccessCheck( Widget1SecurityDescriptor,
PrimaryToken,
(ACCESS_MASK) MAXIMUM_ALLOWED,
&GrantedAccess,
&AccessStatus );
ASSERT(NT_SUCCESS(Status));
ASSERT(NT_SUCCESS(AccessStatus));
ASSERT(GrantedAccess == (ACCESS_MASK) (SET_WIDGET_COLOR | SET_WIDGET_SIZE));
//
// Dacl5
//
// +----------------+ +----------------+ +----------------+
// | 1st ACE | | 2nd ACE | | 3rd ACE |
// +----------------+ +----------------+ +----------------+
// | AccessAllowed | | AccessDenied | | AccessDenied |
// +----------------+ +----------------+ +----------------+
// | BARNEY | | PEBBLES | | FRED |
// +----------------+ +----------------+ +----------------+
// | SetWidgeColor | | SetWidgeColor | | SetWidgeColor |
// +----------------+ +----------------+ +----------------+
//
// +----------------+ +----------------+ +----------------+
// | 4th ACE | | 5th ACE | | 6th ACE |
// +----------------+ +----------------+ +----------------+
// | AccessAllowed | | AccessAllowed | | AccessAllowed |
// +----------------+ +----------------+ +----------------+
// | BARNEY | | PEBBLES | | PEBBLES |
// +----------------+ +----------------+ +----------------+
// | SetWidgeSize | | SetWidgeSize | | SetWidgeColor |
// +----------------+ +----------------+ +----------------+
//
RtlDeleteAce (Dacl, 1);
RtlAddAce ( Dacl,
ACL_REVISION,
1,
DenyPebblesSetColor,
DenyPebblesSetColorLength );
RtlDeleteAce (Dacl, 5);
RtlAddAce ( Dacl,
ACL_REVISION,
MAXULONG,
AllowPebblesSetColor,
AllowPebblesSetColorLength );
DumpAcl ( Dacl );
RtlSetDaclSecurityDescriptor( Widget1SecurityDescriptor,
TRUE,
Dacl,
FALSE );
// Request MAXIMUM_ACCESS for Pebbles. Should get back SetWidgetSize
Status = NtAccessCheck( Widget1SecurityDescriptor,
PrimaryToken,
(ACCESS_MASK) MAXIMUM_ALLOWED,
&GrantedAccess,
&AccessStatus );
ASSERT(NT_SUCCESS(Status));
ASSERT(NT_SUCCESS(AccessStatus));
ASSERT(GrantedAccess == (ACCESS_MASK) SET_WIDGET_SIZE);
//
// Dacl6
//
// +----------------+ +----------------+ +----------------+
// | 1st ACE | | 2nd ACE | | 3rd ACE |
// +----------------+ +----------------+ +----------------+
// | AccessAllowed | | AccessDenied | | AccessDenied |
// +----------------+ +----------------+ +----------------+
// | BARNEY | | PEBBLES | | FRED |
// +----------------+ +----------------+ +----------------+
// | SetWidgeColor | | SetWidgeColor | | SetWidgeColor |
// +----------------+ +----------------+ +----------------+
//
// +----------------+ +----------------+ +----------------+
// | 4th ACE | | 5th ACE | | 6th ACE |
// +----------------+ +----------------+ +----------------+
// | AccessAllowed | | AccessAllowed | | AccessAllowed |
// +----------------+ +----------------+ +----------------+
// | BARNEY | | PEBBLES | | PEBBLES |
// +----------------+ +----------------+ +----------------+
// | SetWidgeSize | | SetWidgeSize | | SetWidgeColor |
// +----------------+ +----------------+ +----------------+
//
// +----------------+ +----------------+
// | 7th ACE | | 8th ACE |
// +----------------+ +----------------+
// | AccessAllowed | | AccessAllowed |
// +----------------+ +----------------+
// | PEBBLES | | PEBBLES |
// +----------------+ +----------------+
// | GetWidgeSize | | GetWidgeColor |
// +----------------+ +----------------+
//
RtlAddAce ( Dacl,
ACL_REVISION,
MAXULONG,
AllowPebblesGetSize,
AllowPebblesGetSizeLength );
RtlAddAce ( Dacl,
ACL_REVISION,
MAXULONG,
AllowPebblesGetColor,
AllowPebblesGetColorLength );
DumpAcl ( Dacl );
RtlSetDaclSecurityDescriptor( Widget1SecurityDescriptor,
TRUE,
Dacl,
FALSE );
// Request MAXIMUM_ACCESS for Pebbles. Should get back SetWidgetSize
Status = NtAccessCheck( Widget1SecurityDescriptor,
PrimaryToken,
(ACCESS_MASK) MAXIMUM_ALLOWED,
&GrantedAccess,
&AccessStatus );
ASSERT(NT_SUCCESS(Status));
ASSERT(NT_SUCCESS(AccessStatus));
ASSERT(GrantedAccess == (ACCESS_MASK) SET_WIDGET_SIZE);
return(TRUE);
}
/////////////////////////////////////////////////////////////////////
// //
// //
// Main test entry point //
// //
// //
/////////////////////////////////////////////////////////////////////
BOOLEAN
CTAccess()
{
BOOLEAN Result = TRUE;
if (!TSeVariableInitialization()) {
DbgPrint("Se: Failed to initialize global test variables.\n");
return FALSE;
}
DbgPrint("Se: Initialization...");
TestTokenInitialize();
CreateDAclToken();
}
//
// Debug support routine
//
typedef struct _STANDARD_ACE {
ACE_HEADER Header;
ACCESS_MASK Mask;
PSID Sid;
} STANDARD_ACE;
typedef STANDARD_ACE *PSTANDARD_ACE;
VOID
DumpAcl (
IN PACL Acl
)
/*++
Routine Description:
This routine dumps via (DbgPrint) an Acl for debug purposes. It is
specialized to dump standard aces.
Arguments:
Acl - Supplies the Acl to dump
Return Value:
None
--*/
{
ULONG i;
PSTANDARD_ACE Ace;
DbgPrint("DumpAcl @ %8lx", Acl);
//
// Check if the Acl is null
//
if (Acl == NULL) {
return;
}
//
// Dump the Acl header
//
DbgPrint(" Revision: %02x", Acl->AclRevision);
DbgPrint(" Size: %04x", Acl->AclSize);
DbgPrint(" AceCount: %04x\n", Acl->AceCount);
//
// Now for each Ace we want do dump it
//
for (i = 0, Ace = FirstAce(Acl);
i < Acl->AceCount;
i++, Ace = NextAce(Ace) ) {
//
// print out the ace header
//
DbgPrint(" AceHeader: %08lx ", *(PULONG)Ace);
//
// special case on the standard ace types
//
if ((Ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE) ||
(Ace->Header.AceType == ACCESS_DENIED_ACE_TYPE) ||
(Ace->Header.AceType == SYSTEM_AUDIT_ACE_TYPE) ||
(Ace->Header.AceType == SYSTEM_ALARM_ACE_TYPE)) {
//
// The following array is indexed by ace types and must
// follow the allowed, denied, audit, alarm seqeuence
//
static PCHAR AceTypes[] = { "Access Allowed",
"Access Denied ",
"System Audit ",
"System Alarm "
};
DbgPrint(AceTypes[Ace->Header.AceType]);
DbgPrint("\nAccess Mask: %08lx ", Ace->Mask);
} else {
DbgPrint("Unknown Ace Type\n");
}
DbgPrint("\n");
DbgPrint("AceSize = %d\n",Ace->Header.AceSize);
DbgPrint("Ace Flags = ");
if (Ace->Header.AceFlags & OBJECT_INHERIT_ACE) {
DbgPrint("OBJECT_INHERIT_ACE\n");
DbgPrint(" ");
}
if (Ace->Header.AceFlags & CONTAINER_INHERIT_ACE) {
DbgPrint("CONTAINER_INHERIT_ACE\n");
DbgPrint(" ");
}
if (Ace->Header.AceFlags & NO_PROPAGATE_INHERIT_ACE) {
DbgPrint("NO_PROPAGATE_INHERIT_ACE\n");
DbgPrint(" ");
}
if (Ace->Header.AceFlags & INHERIT_ONLY_ACE) {
DbgPrint("INHERIT_ONLY_ACE\n");
DbgPrint(" ");
}
if (Ace->Header.AceFlags & SUCCESSFUL_ACCESS_ACE_FLAG) {
DbgPrint("SUCCESSFUL_ACCESS_ACE_FLAG\n");
DbgPrint(" ");
}
if (Ace->Header.AceFlags & FAILED_ACCESS_ACE_FLAG) {
DbgPrint("FAILED_ACCESS_ACE_FLAG\n");
DbgPrint(" ");
}
DbgPrint("\n");
}
}