1 /*++ NDK Version: 0098
2
3 Copyright (c) Alex Ionescu. All rights reserved.
4
5 Header Name:
6
7 setypes.h
8
9 Abstract:
10
11 Type definitions for the security manager.
12
13 Author:
14
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16
17 --*/
18
19 #ifndef _SETYPES_H
20 #define _SETYPES_H
21
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26
//
// Well Known SIDs
//
// Brace initializer holding six bytes, the last of which is 7. Because the
// macro expands to a brace list it can only be used as an initializer.
// NOTE(review): presumably meant for a SID_IDENTIFIER_AUTHORITY value (that
// type is declared elsewhere) - confirm.
//
#define SECURITY_INTERNETSITE_AUTHORITY     {0,0,0,0,0,7}
31
32 #ifdef NTOS_MODE_USER
//
// Privilege constants
//
// Numeric identifiers of the well-known privileges, running from
// SE_MIN_WELL_KNOWN_PRIVILEGE (2) to SE_MAX_WELL_KNOWN_PRIVILEGE (30).
// This group is only compiled when NTOS_MODE_USER is defined.
// NOTE(review): presumably each value is the low part of the privilege's
// LUID and kernel-mode builds get these from another header - confirm.
//
// SE_UNSOLICITED_INPUT_PRIVILEGE and SE_MACHINE_ACCOUNT_PRIVILEGE share the
// value 6, so the number alone cannot tell the two names apart.
//
// Security note: on Windows-compatible systems several of these privileges
// (SE_CREATE_TOKEN, SE_ASSIGNPRIMARYTOKEN, SE_TCB, SE_TAKE_OWNERSHIP,
// SE_LOAD_DRIVER, SE_BACKUP, SE_RESTORE, SE_DEBUG, SE_IMPERSONATE) let the
// holder override or sidestep ordinary access checks. Code that enables one
// of them, and accounts that are granted one, deserve review and auditing.
//
#define SE_MIN_WELL_KNOWN_PRIVILEGE         (2L)
#define SE_CREATE_TOKEN_PRIVILEGE           (2L)
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE     (3L)
#define SE_LOCK_MEMORY_PRIVILEGE            (4L)
#define SE_INCREASE_QUOTA_PRIVILEGE         (5L)
#define SE_UNSOLICITED_INPUT_PRIVILEGE      (6L)
#define SE_MACHINE_ACCOUNT_PRIVILEGE        (6L)
#define SE_TCB_PRIVILEGE                    (7L)
#define SE_SECURITY_PRIVILEGE               (8L)
#define SE_TAKE_OWNERSHIP_PRIVILEGE         (9L)
#define SE_LOAD_DRIVER_PRIVILEGE            (10L)
#define SE_SYSTEM_PROFILE_PRIVILEGE         (11L)
#define SE_SYSTEMTIME_PRIVILEGE             (12L)
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE    (13L)
#define SE_INC_BASE_PRIORITY_PRIVILEGE      (14L)
#define SE_CREATE_PAGEFILE_PRIVILEGE        (15L)
#define SE_CREATE_PERMANENT_PRIVILEGE       (16L)
#define SE_BACKUP_PRIVILEGE                 (17L)
#define SE_RESTORE_PRIVILEGE                (18L)
#define SE_SHUTDOWN_PRIVILEGE               (19L)
#define SE_DEBUG_PRIVILEGE                  (20L)
#define SE_AUDIT_PRIVILEGE                  (21L)
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE     (22L)
#define SE_CHANGE_NOTIFY_PRIVILEGE          (23L)
#define SE_REMOTE_SHUTDOWN_PRIVILEGE        (24L)
#define SE_UNDOCK_PRIVILEGE                 (25L)
#define SE_SYNC_AGENT_PRIVILEGE             (26L)
#define SE_ENABLE_DELEGATION_PRIVILEGE      (27L)
#define SE_MANAGE_VOLUME_PRIVILEGE          (28L)
#define SE_IMPERSONATE_PRIVILEGE            (29L)
#define SE_CREATE_GLOBAL_PRIVILEGE          (30L)
// Upper bound of the range; tracks the last privilege defined above.
#define SE_MAX_WELL_KNOWN_PRIVILEGE         (SE_CREATE_GLOBAL_PRIVILEGE)
68
69 #else
70
//
// User and Group-related SID Attributes
//
// Bit flags, compiled only when NTOS_MODE_USER is not defined.
// NOTE(review): presumably these are the values stored in the Attributes
// member of a SID_AND_ATTRIBUTES entry - confirm against the users.
//
// SE_GROUP_LOGON_ID is not a single bit: 0xC0000000 sets the two top bits,
// so test it with (attrs & SE_GROUP_LOGON_ID) == SE_GROUP_LOGON_ID.
//
// Security note: on Windows a SID marked SE_GROUP_USE_FOR_DENY_ONLY may only
// match deny entries, never allow entries. Access-check code that reads
// these attributes must honour that flag or it will grant too much.
//
#define SE_GROUP_MANDATORY                  0x00000001
#define SE_GROUP_ENABLED_BY_DEFAULT         0x00000002
#define SE_GROUP_ENABLED                    0x00000004
#define SE_GROUP_OWNER                      0x00000008
#define SE_GROUP_USE_FOR_DENY_ONLY          0x00000010
#define SE_GROUP_INTEGRITY                  0x00000020
#define SE_GROUP_INTEGRITY_ENABLED          0x00000040
#define SE_GROUP_RESOURCE                   0x20000000
#define SE_GROUP_LOGON_ID                   0xC0000000
83
//
// Union of all nine SE_GROUP_* flags defined in this header.
// NOTE(review): presumably used to reject attribute words carrying unknown
// bits, i.e. (attrs & ~SE_GROUP_VALID_ATTRIBUTES) != 0 - verify at callers.
// A new SE_GROUP_* flag must be added here as well or it will be treated as
// invalid by any such check.
//
#define SE_GROUP_VALID_ATTRIBUTES \
    (SE_GROUP_MANDATORY | \
     SE_GROUP_ENABLED_BY_DEFAULT | \
     SE_GROUP_ENABLED | \
     SE_GROUP_OWNER | \
     SE_GROUP_USE_FOR_DENY_ONLY | \
     SE_GROUP_LOGON_ID | \
     SE_GROUP_RESOURCE | \
     SE_GROUP_INTEGRITY | \
     SE_GROUP_INTEGRITY_ENABLED)
94
//
// Audit and Policy Structures
//

//
// Nine audit categories, four bits each (36 bits in total, the same width
// as SEP_AUDIT_POLICY_OVERLAY.PolicyBits).
// The meaning of the individual bits inside each nibble is not shown here.
// NOTE(review): bit-fields with a UCHAR base type are a compiler extension,
// and how they are packed is implementation-defined - confirm the layout on
// every supported compiler.
//
typedef struct _SEP_AUDIT_POLICY_CATEGORIES
{
    UCHAR System:4;
    UCHAR Logon:4;
    UCHAR ObjectAccess:4;
    UCHAR PrivilegeUse:4;
    UCHAR DetailedTracking:4;
    UCHAR PolicyChange:4;
    UCHAR AccountManagement:4;
    UCHAR DirectoryServiceAccess:4;
    UCHAR AccountLogon:4;
} SEP_AUDIT_POLICY_CATEGORIES, *PSEP_AUDIT_POLICY_CATEGORIES;
110
//
// Alternative view of the audit policy: 36 policy bits followed by a
// one-bit flag.
// NOTE(review): PolicyBits is declared on ULONGLONG but SetBit on UCHAR.
// Compilers that follow the Microsoft bit-field layout start a new storage
// unit when the base type changes, which would place SetBit after the first
// eight bytes and make this structure larger than the ULONGLONG it is
// unioned with in SEP_AUDIT_POLICY. The offsets annotated in TOKEN leave
// only eight bytes for AuditPolicy. Confirm the size with a compile-time
// check before relying on this view.
//
typedef struct _SEP_AUDIT_POLICY_OVERLAY
{
    ULONGLONG PolicyBits:36;
    UCHAR SetBit:1;
} SEP_AUDIT_POLICY_OVERLAY, *PSEP_AUDIT_POLICY_OVERLAY;
116
//
// Audit policy value, exposed through an anonymous union as three views of
// the same storage: per-category nibbles, the bit overlay, or one raw
// 64-bit integer.
// Writing through one view changes what the other two read, so a caller
// that copies or compares policies should use a single view consistently.
//
typedef struct _SEP_AUDIT_POLICY
{
    union
    {
        SEP_AUDIT_POLICY_CATEGORIES PolicyElements;
        SEP_AUDIT_POLICY_OVERLAY PolicyOverlay;
        ULONGLONG Overlay;
    };
} SEP_AUDIT_POLICY, *PSEP_AUDIT_POLICY;
126
//
// Wrapper around a single pointer to an OBJECT_NAME_INFORMATION.
// NOTE(review): presumably the image path recorded for process-creation
// auditing; who allocates and frees the pointed-to name is not shown in
// this header - confirm before dereferencing or releasing it.
//
typedef struct _SE_AUDIT_PROCESS_CREATION_INFO
{
    POBJECT_NAME_INFORMATION ImageFileName;
} SE_AUDIT_PROCESS_CREATION_INFO, *PSE_AUDIT_PROCESS_CREATION_INFO;
131
//
// Token and auxiliary data
//

//
// Access token layout. The trailing comments give each member's byte
// offset; consecutive pointer members are four bytes apart, so the offsets
// describe a build with 32-bit pointers.
//
// NOTE(review): the *Count members presumably give the number of entries
// in the matching arrays (UserAndGroupCount/UserAndGroups,
// RestrictedSidCount/RestrictedSids, PrivilegeCount/Privileges), and
// TokenLock presumably serialises access to the token - confirm. Code that
// walks the arrays should bound every loop by the stored count and read the
// token only under whatever locking the security manager requires.
//
// Security note: this structure is what access checks consult for identity,
// group membership and privileges, so any code path able to write to it
// sits inside the trust boundary. The layout is internal; consumers that
// hard-code these offsets break when it changes.
//
typedef struct _TOKEN
{
    TOKEN_SOURCE TokenSource;                         /* 0x00 */
    LUID TokenId;                                     /* 0x10 */
    LUID AuthenticationId;                            /* 0x18 */
    LUID ParentTokenId;                               /* 0x20 */
    LARGE_INTEGER ExpirationTime;                     /* 0x28 */
    struct _ERESOURCE *TokenLock;                     /* 0x30 */
    SEP_AUDIT_POLICY AuditPolicy;                     /* 0x38 */
    LUID ModifiedId;                                  /* 0x40 */
    ULONG SessionId;                                  /* 0x48 */
    ULONG UserAndGroupCount;                          /* 0x4C */
    ULONG RestrictedSidCount;                         /* 0x50 */
    ULONG PrivilegeCount;                             /* 0x54 */
    ULONG VariableLength;                             /* 0x58 */
    ULONG DynamicCharged;                             /* 0x5C */
    ULONG DynamicAvailable;                           /* 0x60 */
    ULONG DefaultOwnerIndex;                          /* 0x64 */
    PSID_AND_ATTRIBUTES UserAndGroups;                /* 0x68 */
    PSID_AND_ATTRIBUTES RestrictedSids;               /* 0x6C */
    PSID PrimaryGroup;                                /* 0x70 */
    PLUID_AND_ATTRIBUTES Privileges;                  /* 0x74 */
    PULONG DynamicPart;                               /* 0x78 */
    PACL DefaultDacl;                                 /* 0x7C */
    TOKEN_TYPE TokenType;                             /* 0x80 */
    SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;  /* 0x84 */
    ULONG TokenFlags;                                 /* 0x88 */
    BOOLEAN TokenInUse;                               /* 0x8C */
    PVOID ProxyData;                                  /* 0x90 */
    PVOID AuditData;                                  /* 0x94 */
    LUID OriginatingLogonSession;                     /* 0x98 */
    // NOTE(review): presumably the first ULONG of the variable-length data
    // whose size is VariableLength - confirm.
    ULONG VariablePart;                               /* 0xA0 */
} TOKEN, *PTOKEN;
168
//
// Auxiliary access data: a pointer to a privilege set, a generic mapping
// stored by value, and one reserved ULONG.
// NOTE(review): presumably attached to an access state during an access
// check; ownership of PrivilegeSet is not shown in this header - confirm.
//
typedef struct _AUX_ACCESS_DATA
{
    PPRIVILEGE_SET PrivilegeSet;
    GENERIC_MAPPING GenericMapping;
    ULONG Reserved;
} AUX_ACCESS_DATA, *PAUX_ACCESS_DATA;
175
//
// External SRM Data
//
// Two ACL pointers declared here and defined in another translation unit.
// NOTE(review): presumably the default DACLs the security reference monitor
// applies to public and system objects - confirm. Both are shared globals,
// so callers should treat the pointed-to ACLs as read-only; modifying one
// would change the protection of every object that uses it.
//
extern PACL SePublicDefaultDacl;
extern PACL SeSystemDefaultDacl;
181
182 #endif
183 #endif