windows-nt/Source/XPSP1/NT/termsrv/syslib/security.h


/*
 * List of accounts we allow file access for
 */
#define MAX_ACCOUNT_NAME 32
#define CURRENT_USER L"%user%"

// These are the accounts we want to have access to the directory
#define ADMIN_ACCOUNT  0
#define SYSTEM_ACCOUNT 1
#define USER_ACCOUNT   2

typedef struct _ADMIN_ACCOUNTS {
    WCHAR Name[MAX_ACCOUNT_NAME];
    PSID  pSid;
} ADMIN_ACCOUNTS, *PADMIN_ACCOUNTS;

/*
 * Operation result codes to allow a separate reporting module
 */
typedef enum _FILE_RESULT {
    FileOk,                   // File can not be written by users
    FileAccessError,          // Error occured, disposition unknown
    FileAccessErrorUserFormat // Error, user formatted message
} FILE_RESULT;

BOOL
InitSecurity(
    );

BOOL
IsAllowSid(
    PSID pSid
    );

BOOL
xxxLookupAccountName(
    PWCHAR pSystemName,
    PWCHAR pAccountName,
    PSID   *ppSid
    );

BOOLEAN
SetFileTree(
    PWCHAR   pRoot,
    PWCHAR   pAvoidDir
    );

BOOL
ReportFileResult(
    FILE_RESULT Code,
    ACCESS_MASK Access,
    PWCHAR      pFile,
    PWCHAR      pAccountName,
    PWCHAR      pDomainName,
    PCHAR       UserFormat,
    ...
    );

PACL
GetSecureAcl();

PSID
GetLocalAdminSid();

PSID
GetAdminSid();

PSID
GetLocalAdminGroupSid();

BOOL
CheckUserSid();

#if DBG
void
DumpSecurityDescriptor(
    PSECURITY_DESCRIPTOR pSD
    );

void
DumpAcl(
    PACL   pAcl,
    PCHAR  pBase,
    PULONG pSize
    );
#endif
Add source files 2020-09-26 03:20:57 -05:00
			`/*`
			`* List of accounts we allow file access for`
			`*/`
			`#define MAX_ACCOUNT_NAME 32`
			`#define CURRENT_USER L"%user%"`

			`// These are the accounts we want to have access to the directory`
			`#define ADMIN_ACCOUNT 0`
			`#define SYSTEM_ACCOUNT 1`
			`#define USER_ACCOUNT 2`

			`typedef struct _ADMIN_ACCOUNTS {`
			`WCHAR Name[MAX_ACCOUNT_NAME];`
			`PSID pSid;`
			`} ADMIN_ACCOUNTS, *PADMIN_ACCOUNTS;`

			`/*`
			`* Operation result codes to allow a separate reporting module`
			`*/`
			`typedef enum _FILE_RESULT {`
			`FileOk, // File can not be written by users`
			`FileAccessError, // Error occured, disposition unknown`
			`FileAccessErrorUserFormat // Error, user formatted message`
			`} FILE_RESULT;`

			`BOOL`
			`InitSecurity(`
			`);`

			`BOOL`
			`IsAllowSid(`
			`PSID pSid`
			`);`

			`BOOL`
			`xxxLookupAccountName(`
			`PWCHAR pSystemName,`
			`PWCHAR pAccountName,`
			`PSID *ppSid`
			`);`

			`BOOLEAN`
			`SetFileTree(`
			`PWCHAR pRoot,`
			`PWCHAR pAvoidDir`
			`);`

			`BOOL`
			`ReportFileResult(`
			`FILE_RESULT Code,`
			`ACCESS_MASK Access,`
			`PWCHAR pFile,`
			`PWCHAR pAccountName,`
			`PWCHAR pDomainName,`
			`PCHAR UserFormat,`
			`...`
			`);`

			`PACL`
			`GetSecureAcl();`

			`PSID`
			`GetLocalAdminSid();`

			`PSID`
			`GetAdminSid();`

			`PSID`
			`GetLocalAdminGroupSid();`

			`BOOL`
			`CheckUserSid();`

			`#if DBG`
			`void`
			`DumpSecurityDescriptor(`
			`PSECURITY_DESCRIPTOR pSD`
			`);`

			`void`
			`DumpAcl(`
			`PACL pAcl,`
			`PCHAR pBase,`
			`PULONG pSize`
			`);`
			`#endif`