windows-nt/Source/XPSP1/NT/base/pnp/setupapi/sputils/security.c

312 lines
7.7 KiB
C
Raw Permalink Normal View History

2020-09-26 03:20:57 -05:00
/*++
Copyright (c) 1995-2000 Microsoft Corporation
Module Name:
security.c
Abstract:
Routines to deal with security-related stuff.
Externally exposed routines:
pSetupIsUserAdmin
pSetupDoesUserHavePrivilege
pSetupEnablePrivilege
Author:
Ted Miller (tedm) 14-Jun-1995
Revision History:
Jamie Hunter (jamiehun) Jun-27-2000
Moved functions to sputils
--*/
#include "precomp.h"
#include <lmaccess.h>
#pragma hdrstop
#ifndef SPUTILSW
BOOL
pSetupIsUserAdmin(
VOID
)
/*++
Routine Description:
This routine returns TRUE if the caller's process has admin privs
Caller is NOT expected to be impersonating anyone and IS
expected to be able to open their own process and process
token.
Though we could use CheckTokenMembership
this function may be expected to work on older platforms...
Arguments:
None.
Return Value:
TRUE - Caller has Administrator privs.
FALSE - Caller does not have Administrator privs.
--*/
{
BOOL fAdmin = FALSE;
HANDLE hToken = NULL;
DWORD dwStatus;
DWORD dwACLSize;
DWORD cbps = sizeof(PRIVILEGE_SET);
PACL pACL = NULL;
PSID psidAdmin = NULL;
PSECURITY_DESCRIPTOR psdAdmin = NULL;
PRIVILEGE_SET ps;
GENERIC_MAPPING gm;
SID_IDENTIFIER_AUTHORITY sia = SECURITY_NT_AUTHORITY;
//
// Prepare some memory
//
ZeroMemory(&ps, sizeof(ps));
ZeroMemory(&gm, sizeof(gm));
//
// Get the Administrators SID
//
if (AllocateAndInitializeSid(&sia, 2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0, &psidAdmin) ) {
//
// Get the Asministrators Security Descriptor (SD)
//
psdAdmin = pSetupCheckedMalloc(SECURITY_DESCRIPTOR_MIN_LENGTH);
if (psdAdmin) {
if(InitializeSecurityDescriptor(psdAdmin,SECURITY_DESCRIPTOR_REVISION)) {
//
// Compute size needed for the ACL then allocate the
// memory for it
//
dwACLSize = sizeof(ACCESS_ALLOWED_ACE) + 8 +
GetLengthSid(psidAdmin) - sizeof(DWORD);
pACL = (PACL)pSetupCheckedMalloc(dwACLSize);
if(pACL) {
//
// Initialize the new ACL
//
if(InitializeAcl(pACL, dwACLSize, ACL_REVISION2)) {
//
// Add the access-allowed ACE to the DACL
//
if(AddAccessAllowedAce(pACL,ACL_REVISION2,
(ACCESS_READ | ACCESS_WRITE),psidAdmin)) {
//
// Set our DACL to the Administrator's SD
//
if (SetSecurityDescriptorDacl(psdAdmin, TRUE, pACL, FALSE)) {
//
// AccessCheck is downright picky about what is in the SD,
// so set the group and owner
//
SetSecurityDescriptorGroup(psdAdmin,psidAdmin,FALSE);
SetSecurityDescriptorOwner(psdAdmin,psidAdmin,FALSE);
//
// Initialize GenericMapping structure even though we
// won't be using generic rights
//
gm.GenericRead = ACCESS_READ;
gm.GenericWrite = ACCESS_WRITE;
gm.GenericExecute = 0;
gm.GenericAll = ACCESS_READ | ACCESS_WRITE;
//
// AccessCheck requires an impersonation token, so lets
// indulge it
//
ImpersonateSelf(SecurityImpersonation);
if (OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &hToken)) {
if (!AccessCheck(psdAdmin, hToken, ACCESS_READ, &gm,
&ps,&cbps,&dwStatus,&fAdmin)) {
fAdmin = FALSE;
}
CloseHandle(hToken);
}
}
}
}
pSetupFree(pACL);
}
}
pSetupFree(psdAdmin);
}
FreeSid(psidAdmin);
}
RevertToSelf();
return(fAdmin);
}
#endif // !SPUTILSW
BOOL
pSetupDoesUserHavePrivilege(
PCTSTR PrivilegeName
)
/*++
Routine Description:
This routine returns TRUE if the caller's process has
the specified privilege. The privilege does not have
to be currently enabled. This routine is used to indicate
whether the caller has the potential to enable the privilege.
Caller is NOT expected to be impersonating anyone and IS
expected to be able to open their own process and process
token.
Arguments:
Privilege - the name form of privilege ID (such as
SE_SECURITY_NAME).
Return Value:
TRUE - Caller has the specified privilege.
FALSE - Caller does not have the specified privilege.
--*/
{
HANDLE Token;
ULONG BytesRequired;
PTOKEN_PRIVILEGES Privileges;
BOOL b;
DWORD i;
LUID Luid;
//
// Open the process token.
//
if(!OpenProcessToken(GetCurrentProcess(),TOKEN_QUERY,&Token)) {
return(FALSE);
}
b = FALSE;
Privileges = NULL;
//
// Get privilege information.
//
if(!GetTokenInformation(Token,TokenPrivileges,NULL,0,&BytesRequired)
&& (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
&& (Privileges = pSetupCheckedMalloc(BytesRequired))
&& GetTokenInformation(Token,TokenPrivileges,Privileges,BytesRequired,&BytesRequired)
&& LookupPrivilegeValue(NULL,PrivilegeName,&Luid)) {
//
// See if we have the requested privilege
//
for(i=0; i<Privileges->PrivilegeCount; i++) {
if((Luid.LowPart == Privileges->Privileges[i].Luid.LowPart)
&& (Luid.HighPart == Privileges->Privileges[i].Luid.HighPart)) {
b = TRUE;
break;
}
}
}
//
// Clean up and return.
//
if(Privileges) {
pSetupFree(Privileges);
}
CloseHandle(Token);
return(b);
}
BOOL
pSetupEnablePrivilege(
IN PCTSTR PrivilegeName,
IN BOOL Enable
)
/*++
Routine Description:
Enable or disable a given named privilege.
Arguments:
PrivilegeName - supplies the name of a system privilege.
Enable - flag indicating whether to enable or disable the privilege.
Return Value:
Boolean value indicating whether the operation was successful.
--*/
{
HANDLE Token;
BOOL b;
TOKEN_PRIVILEGES NewPrivileges;
LUID Luid;
if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&Token)) {
return(FALSE);
}
if(!LookupPrivilegeValue(NULL,PrivilegeName,&Luid)) {
CloseHandle(Token);
return(FALSE);
}
NewPrivileges.PrivilegeCount = 1;
NewPrivileges.Privileges[0].Luid = Luid;
NewPrivileges.Privileges[0].Attributes = Enable ? SE_PRIVILEGE_ENABLED : 0;
b = AdjustTokenPrivileges(
Token,
FALSE,
&NewPrivileges,
0,
NULL,
NULL
);
CloseHandle(Token);
return(b);
}