/******************************************************************************
 *                          Security Manager Types                            *
 ******************************************************************************/
/* Opaque pointer to a security descriptor.  The descriptor layout is not
 * declared in this excerpt, so the descriptor is only ever handled through
 * this pointer. */
typedef PVOID PSECURITY_DESCRIPTOR;

/* Bit mask naming which parts of a security descriptor an operation touches;
 * the valid bits are the *_SECURITY_INFORMATION constants defined below. */
typedef ULONG SECURITY_INFORMATION, *PSECURITY_INFORMATION;

/* ULONG-sized bit mask of access rights; the bit values are the
 * DELETE .. GENERIC_ALL constants defined below. */
typedef ULONG ACCESS_MASK, *PACCESS_MASK;

/* Opaque pointer to an access token; the token layout is not visible here. */
typedef PVOID PACCESS_TOKEN;
/* Standard rights: bits 16..20 (the 0x001F0000 range), presumably common to
 * every object type. */
#define DELETE 0x00010000L
#define READ_CONTROL 0x00020000L
#define WRITE_DAC 0x00040000L
#define WRITE_OWNER 0x00080000L
#define SYNCHRONIZE 0x00100000L
/* DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER -- SYNCHRONIZE excluded. */
#define STANDARD_RIGHTS_REQUIRED 0x000F0000L
/* NOTE(review): all three alias READ_CONTROL.  This is also how the Windows
 * SDK defines them, so it is not a copy/paste error to "fix". */
#define STANDARD_RIGHTS_READ READ_CONTROL
#define STANDARD_RIGHTS_WRITE READ_CONTROL
#define STANDARD_RIGHTS_EXECUTE READ_CONTROL
/* STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE. */
#define STANDARD_RIGHTS_ALL 0x001F0000L
/* Low 16 bits: rights whose meaning depends on the object type. */
#define SPECIFIC_RIGHTS_ALL 0x0000FFFFL
/* Bit 24.  NOTE(review): presumably the right to read/write the SACL and is
 * not something a DACL can grant -- confirm against the access-check code. */
#define ACCESS_SYSTEM_SECURITY 0x01000000L
/* Bit 25.  NOTE(review): presumably "grant whatever the caller is allowed",
 * resolved at check time; a granted mask should not still carry this bit. */
#define MAXIMUM_ALLOWED 0x02000000L
/* Bits 28..31: generic rights.  NOTE(review): these are placeholders that a
 * GENERIC_MAPPING (declared below) translates into object-specific bits; an
 * access check that compares them directly against specific rights is almost
 * certainly wrong -- confirm in the caller. */
#define GENERIC_READ 0x80000000L
#define GENERIC_WRITE 0x40000000L
#define GENERIC_EXECUTE 0x20000000L
#define GENERIC_ALL 0x10000000L
/* Per-object-type table giving the ACCESS_MASK that each GENERIC_* bit stands
 * for.  NOTE(review): the translation itself is done elsewhere (presumably by
 * a RtlMapGenericMask-style routine); this struct only carries the four masks. */
typedef struct _GENERIC_MAPPING {
  ACCESS_MASK GenericRead;    /* specific rights substituted for GENERIC_READ */
  ACCESS_MASK GenericWrite;   /* ... for GENERIC_WRITE */
  ACCESS_MASK GenericExecute; /* ... for GENERIC_EXECUTE */
  ACCESS_MASK GenericAll;     /* ... for GENERIC_ALL */
} GENERIC_MAPPING, *PGENERIC_MAPPING;
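/* ACL revision levels.  ACL_REVISION is the default; ACL_REVISION_DS (4) is
 * presumably the directory-service revision, per its suffix. */
#define ACL_REVISION 2
#define ACL_REVISION_DS 4

#define ACL_REVISION1 1
#define ACL_REVISION2 2
#define ACL_REVISION3 3
#define ACL_REVISION4 4
/* Range to accept when validating an ACL header received from outside:
 * [ACL_REVISION2, ACL_REVISION4].  ACL_REVISION1 is defined above but lies
 * below MIN_ACL_REVISION. */
#define MIN_ACL_REVISION ACL_REVISION2
#define MAX_ACL_REVISION ACL_REVISION4

/* Current security descriptor revision value */
#define SECURITY_DESCRIPTOR_REVISION (1)
#define SECURITY_DESCRIPTOR_REVISION1 (1)

/* Privilege attributes (presumably the Attributes bits of LUID_AND_ATTRIBUTES). */
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x00000001L)
#define SE_PRIVILEGE_ENABLED (0x00000002L)
/* Hex prefix normalised to lower-case "0x" to match every other constant in
 * this header; the value is unchanged. */
#define SE_PRIVILEGE_REMOVED (0x00000004L)
#define SE_PRIVILEGE_USED_FOR_ACCESS (0x80000000L)

/* 0x80000007: every attribute bit a caller may set.  NOTE(review): attribute
 * words received from a less trusted caller should be rejected when they carry
 * bits outside this mask, rather than silently masked. */
#define SE_PRIVILEGE_VALID_ATTRIBUTES (SE_PRIVILEGE_ENABLED_BY_DEFAULT | \
                                       SE_PRIVILEGE_ENABLED | \
                                       SE_PRIVILEGE_REMOVED | \
                                       SE_PRIVILEGE_USED_FOR_ACCESS)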
/* A locally unique id paired with attribute bits (for privileges, presumably
 * the SE_PRIVILEGE_* values above).  NOTE(review): the members at original
 * lines 72-73 are not present in this excerpt and have not been re-added;
 * compare with the full header before relying on this layout. */
typedef struct _LUID_AND_ATTRIBUTES {
} LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
/* Open-ended array of LUID_AND_ATTRIBUTES.  ANYSIZE_ARRAY is not defined in
 * this excerpt; the real element count must come from a separate count field
 * and from the size of the buffer actually supplied. */
typedef LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
typedef LUID_AND_ATTRIBUTES_ARRAY *PLUID_AND_ATTRIBUTES_ARRAY;
/* PRIVILEGE_SET control flag: presumably "every listed privilege is required"
 * rather than "any one suffices" -- confirm against the privilege-check code. */
#define PRIVILEGE_SET_ALL_NECESSARY (1)
/* Variable-length set of privileges.  NOTE(review): the leading members at
 * original lines 84-85 are not in this excerpt; the count that bounds
 * Privilege[] presumably lives there.  Any loop over Privilege[] must be
 * bounded by that count and by the size of the buffer actually supplied. */
typedef struct _PRIVILEGE_SET {
  LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]; /* trailing, open-ended */
} PRIVILEGE_SET, *PPRIVILEGE_SET;
/* How much of a client's identity a server may assume.  NOTE(review): original
 * lines 90 and 93 are missing from this excerpt; they presumably define
 * SecurityAnonymous and SecurityDelegation, which the SECURITY_MIN/MAX macros
 * below refer to.  They have not been re-added here, so the numeric values of
 * the two enumerators shown may differ from the full header. */
typedef enum _SECURITY_IMPERSONATION_LEVEL {
  SecurityIdentification,
  SecurityImpersonation,
} SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;
/* Bounds of SECURITY_IMPERSONATION_LEVEL.  Both enumerators named here are
 * defined on lines that are not part of this excerpt. */
#define SECURITY_MAX_IMPERSONATION_LEVEL SecurityDelegation
#define SECURITY_MIN_IMPERSONATION_LEVEL SecurityAnonymous
#define DEFAULT_IMPERSONATION_LEVEL SecurityImpersonation
/* Range check for a level received from a caller.  Level is evaluated twice,
 * so pass a plain variable, never an expression with side effects. */
#define VALID_IMPERSONATION_LEVEL(Level) (((Level) >= SECURITY_MIN_IMPERSONATION_LEVEL) && ((Level) <= SECURITY_MAX_IMPERSONATION_LEVEL))

/* Values for SECURITY_CONTEXT_TRACKING_MODE (declared next). */
#define SECURITY_DYNAMIC_TRACKING (TRUE)
#define SECURITY_STATIC_TRACKING (FALSE)
/* BOOLEAN holding SECURITY_DYNAMIC_TRACKING or SECURITY_STATIC_TRACKING. */
typedef BOOLEAN SECURITY_CONTEXT_TRACKING_MODE, *PSECURITY_CONTEXT_TRACKING_MODE;
/* Impersonation parameters a client attaches to a request.  NOTE(review): the
 * first member (original line 107) is missing from this excerpt, so do not use
 * this declaration for sizeof/offset reasoning. */
typedef struct _SECURITY_QUALITY_OF_SERVICE {
  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;    /* presumably the highest
                                                        * level the client allows */
  SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode; /* SECURITY_*_TRACKING */
  BOOLEAN EffectiveOnly; /* presumably: server sees only currently enabled
                          * privileges/groups -- confirm */
} SECURITY_QUALITY_OF_SERVICE, *PSECURITY_QUALITY_OF_SERVICE;
/* Saved impersonation state, presumably so a caller can restore it later.
 * NOTE(review): original lines 114-115 are missing from this excerpt. */
typedef struct _SE_IMPERSONATION_STATE {
  BOOLEAN EffectiveOnly;
  SECURITY_IMPERSONATION_LEVEL Level;
} SE_IMPERSONATION_STATE, *PSE_IMPERSONATION_STATE;
/* SECURITY_INFORMATION bits: which descriptor parts a query or set covers. */
#define OWNER_SECURITY_INFORMATION (0x00000001L)
#define GROUP_SECURITY_INFORMATION (0x00000002L)
#define DACL_SECURITY_INFORMATION (0x00000004L)
/* NOTE(review): access to the SACL is presumably gated by
 * ACCESS_SYSTEM_SECURITY rather than by the DACL -- confirm in the caller. */
#define SACL_SECURITY_INFORMATION (0x00000008L)
#define LABEL_SECURITY_INFORMATION (0x00000010L)

/* High bits, presumably inheritance control per their names.  The PROTECTED_
 * and UNPROTECTED_ flags for the same ACL are distinct bits, so a caller can
 * set both at once; consumers need to reject or define that combination. */
#define PROTECTED_DACL_SECURITY_INFORMATION (0x80000000L)
#define PROTECTED_SACL_SECURITY_INFORMATION (0x40000000L)
#define UNPROTECTED_DACL_SECURITY_INFORMATION (0x20000000L)
#define UNPROTECTED_SACL_SECURITY_INFORMATION (0x10000000L)
/* Operation selector for a security-descriptor routine.  No explicit values,
 * so SetSecurityDescriptor == 0 through AssignSecurityDescriptor == 3. */
typedef enum _SECURITY_OPERATION_CODE {
  SetSecurityDescriptor,
  QuerySecurityDescriptor,
  DeleteSecurityDescriptor,
  AssignSecurityDescriptor
} SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
/* Capacity of INITIAL_PRIVILEGE_SET.Privilege[] (declared below). */
#define INITIAL_PRIVILEGE_COUNT 3
/* Fixed-capacity privilege set embedded in ACCESS_STATE (see below),
 * presumably so the common case needs no allocation.  NOTE(review): original
 * line 142 is missing from this excerpt. */
typedef struct _INITIAL_PRIVILEGE_SET {
  ULONG PrivilegeCount; /* entries in use; must stay <= INITIAL_PRIVILEGE_COUNT */
  LUID_AND_ATTRIBUTES Privilege[INITIAL_PRIVILEGE_COUNT];
} INITIAL_PRIVILEGE_SET, *PINITIAL_PRIVILEGE_SET;
/* Well-known privileges, as the integer that presumably forms the low part of
 * the privilege LUID.  The dense range is SE_MIN_WELL_KNOWN_PRIVILEGE ..
 * SE_MAX_WELL_KNOWN_PRIVILEGE (2..35); 0 and 1 are not assigned here.
 *
 * NOTE(review): several of these (SE_TCB_PRIVILEGE, SE_DEBUG_PRIVILEGE,
 * SE_LOAD_DRIVER_PRIVILEGE, SE_TAKE_OWNERSHIP_PRIVILEGE, SE_RESTORE_PRIVILEGE
 * and SE_ASSIGNPRIMARYTOKEN_PRIVILEGE among them) are generally treated as
 * equivalent to full control of the system; code that grants, enables or
 * checks them deserves a close review. */
#define SE_MIN_WELL_KNOWN_PRIVILEGE 2
#define SE_CREATE_TOKEN_PRIVILEGE 2
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE 3
#define SE_LOCK_MEMORY_PRIVILEGE 4
#define SE_INCREASE_QUOTA_PRIVILEGE 5
#define SE_MACHINE_ACCOUNT_PRIVILEGE 6
#define SE_TCB_PRIVILEGE 7
#define SE_SECURITY_PRIVILEGE 8
#define SE_TAKE_OWNERSHIP_PRIVILEGE 9
#define SE_LOAD_DRIVER_PRIVILEGE 10
#define SE_SYSTEM_PROFILE_PRIVILEGE 11
#define SE_SYSTEMTIME_PRIVILEGE 12
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE 13
#define SE_INC_BASE_PRIORITY_PRIVILEGE 14
#define SE_CREATE_PAGEFILE_PRIVILEGE 15
#define SE_CREATE_PERMANENT_PRIVILEGE 16
#define SE_BACKUP_PRIVILEGE 17
#define SE_RESTORE_PRIVILEGE 18
#define SE_SHUTDOWN_PRIVILEGE 19
#define SE_DEBUG_PRIVILEGE 20
#define SE_AUDIT_PRIVILEGE 21
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE 22
#define SE_CHANGE_NOTIFY_PRIVILEGE 23
#define SE_REMOTE_SHUTDOWN_PRIVILEGE 24
#define SE_UNDOCK_PRIVILEGE 25
#define SE_SYNC_AGENT_PRIVILEGE 26
#define SE_ENABLE_DELEGATION_PRIVILEGE 27
#define SE_MANAGE_VOLUME_PRIVILEGE 28
#define SE_IMPERSONATE_PRIVILEGE 29
#define SE_CREATE_GLOBAL_PRIVILEGE 30
#define SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE 31
#define SE_RELABEL_PRIVILEGE 32
#define SE_INC_WORKING_SET_PRIVILEGE 33
#define SE_TIME_ZONE_PRIVILEGE 34
#define SE_CREATE_SYMBOLIC_LINK_PRIVILEGE 35
/* Highest value defined above; bump this when a new privilege is appended. */
#define SE_MAX_WELL_KNOWN_PRIVILEGE SE_CREATE_SYMBOLIC_LINK_PRIVILEGE
/* The identity an access check is made against: the caller's primary token
 * plus, when impersonating, the client token and the level it may be used at. */
typedef struct _SECURITY_SUBJECT_CONTEXT {
  PACCESS_TOKEN ClientToken;                        /* presumably NULL when not
                                                     * impersonating -- confirm */
  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;  /* applies to ClientToken */
  PACCESS_TOKEN PrimaryToken;
  PVOID ProcessAuditId;                             /* opaque; for audit records,
                                                     * per the name */
} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
/* Per-open access-check state carried from the initial check through object
 * creation and auditing.  NOTE(review): original lines 191, 196, 202-203 and
 * 206-207 are missing from this excerpt, so this is not the full layout and
 * must not be used for sizeof/offset reasoning. */
typedef struct _ACCESS_STATE {
  BOOLEAN SecurityEvaluated;   /* per the name: a check has already run */
  BOOLEAN GenerateAudit;
  BOOLEAN GenerateOnClose;
  BOOLEAN PrivilegesAllocated; /* presumably: PrivilegeSet was allocated rather
                                * than satisfied by InitialPrivilegeSet */
  /* Three views of the requested access: what is still outstanding, what has
   * already been granted, and the caller's original request. */
  ACCESS_MASK RemainingDesiredAccess;
  ACCESS_MASK PreviouslyGrantedAccess;
  ACCESS_MASK OriginalDesiredAccess;
  SECURITY_SUBJECT_CONTEXT SubjectSecurityContext; /* who is asking */
  PSECURITY_DESCRIPTOR SecurityDescriptor;          /* what is checked against */
  INITIAL_PRIVILEGE_SET InitialPrivilegeSet;        /* inline storage, 3 entries */
  PRIVILEGE_SET PrivilegeSet;
  BOOLEAN AuditPrivileges;
  UNICODE_STRING ObjectName;
  UNICODE_STRING ObjectTypeName;
} ACCESS_STATE, *PACCESS_STATE;
#ifndef _NTLSA_AUDIT_
#define _NTLSA_AUDIT_

/* Capacity of SE_ADT_PARAMETER_ARRAY.Parameters[] (declared below).  The
 * four-slot gap to SE_MAX_GENERIC_AUDIT_PARAMETERS is presumably reserved. */
#define SE_MAX_AUDIT_PARAMETERS 32
#define SE_MAX_GENERIC_AUDIT_PARAMETERS 28

#define SE_ADT_OBJECT_ONLY 0x1

/* Presumably flag bits of SE_ADT_PARAMETER_ARRAY (that field is not among the
 * lines in this excerpt).  SE_ADT_OBJECT_ONLY above has the same value as
 * SE_ADT_PARAMETERS_SELF_RELATIVE; they presumably apply to different fields
 * and must not be mixed. */
#define SE_ADT_PARAMETERS_SELF_RELATIVE 0x00000001
#define SE_ADT_PARAMETERS_SEND_TO_LSA 0x00000002
#define SE_ADT_PARAMETER_EXTENSIBLE_AUDIT 0x00000004
#define SE_ADT_PARAMETER_GENERIC_AUDIT 0x00000008
#define SE_ADT_PARAMETER_WRITE_SYNCHRONOUS 0x00000010
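/* Size in bytes of a SE_ADT_PARAMETER_ARRAY holding only its first
 * Parameters->ParameterCount entries, i.e. the full struct minus the unused
 * tail of the SE_MAX_AUDIT_PARAMETERS-slot Parameters array.
 *
 * Parameters: pointer to a SE_ADT_PARAMETER_ARRAY; now parenthesised so an
 *             expression argument binds correctly, and evaluated once.
 *
 * NOTE(review): ParameterCount is a ULONG, so if it exceeds
 * SE_MAX_AUDIT_PARAMETERS the subtraction wraps and the result is meaningless.
 * Validate ParameterCount <= SE_MAX_AUDIT_PARAMETERS before using this on an
 * array received from a less trusted source. */
#define LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE(Parameters) \
  ( sizeof(SE_ADT_PARAMETER_ARRAY) - sizeof(SE_ADT_PARAMETER_ARRAY_ENTRY) * \
    (SE_MAX_AUDIT_PARAMETERS - (Parameters)->ParameterCount) )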
/* Type tag for one SE_ADT_PARAMETER_ARRAY_ENTRY.  Only SeAdtParmTypeNone has
 * an explicit value.  NOTE(review): original lines 236, 238-239, 243, 246-249,
 * 255 and 259 are missing from this excerpt and presumably hold further
 * enumerators, so the implicit value of every enumerator after
 * SeAdtParmTypeNone may differ from the full header -- do not rely on the
 * numbering shown here. */
typedef enum _SE_ADT_PARAMETER_TYPE {
  SeAdtParmTypeNone = 0,
  SeAdtParmTypeFileSpec,
  SeAdtParmTypeLogonId,
  SeAdtParmTypeNoLogonId,
  SeAdtParmTypeAccessMask,
  SeAdtParmTypeObjectTypes,
  SeAdtParmTypeHexUlong,
  SeAdtParmTypeHexInt64,
  SeAdtParmTypeStringList,
  SeAdtParmTypeSidList,
  SeAdtParmTypeDuration,
  SeAdtParmTypeUserAccountControl,
  SeAdtParmTypeMessage,
  SeAdtParmTypeDateTime,
  SeAdtParmTypeSockAddr,
  SeAdtParmTypeLogonHours,
  SeAdtParmTypeLogonIdNoSid,
  SeAdtParmTypeUlongNoConv,
  SeAdtParmTypeSockAddrNoPort,
  SeAdtParmTypeAccessReason
} SE_ADT_PARAMETER_TYPE, *PSE_ADT_PARAMETER_TYPE;
/* One object-type entry of an audit parameter.  NOTE(review): original lines
 * 268-270 are missing from this excerpt; only the trailing member is shown. */
typedef struct _SE_ADT_OBJECT_TYPE {
  ACCESS_MASK AccessMask;
} SE_ADT_OBJECT_TYPE, *PSE_ADT_OBJECT_TYPE;
/* One typed audit parameter.  NOTE(review): original lines 276-278 are missing
 * from this excerpt.  sizeof this struct feeds
 * LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE, so the full layout matters there. */
typedef struct _SE_ADT_PARAMETER_ARRAY_ENTRY {
  SE_ADT_PARAMETER_TYPE Type; /* selects how the value members are read */
} SE_ADT_PARAMETER_ARRAY_ENTRY, *PSE_ADT_PARAMETER_ARRAY_ENTRY;
/* Why an access was granted or denied, for audit purposes.  NOTE(review):
 * original line 285 is missing from this excerpt. */
typedef struct _SE_ADT_ACCESS_REASON {
  ACCESS_MASK AccessMask;
  ULONG AccessReasons[32]; /* presumably one slot per ACCESS_MASK bit; any
                            * index into it must be < 32 */
  ULONG ObjectTypeIndex;
  PSECURITY_DESCRIPTOR SecurityDescriptor;
} SE_ADT_ACCESS_REASON, *PSE_ADT_ACCESS_REASON;
/* Audit record: a fixed-capacity array of typed parameters plus the count in
 * use.  NOTE(review): original lines 290-291, 293 and 295-296 are missing from
 * this excerpt.  Consumers must check ParameterCount <= SE_MAX_AUDIT_PARAMETERS
 * before indexing Parameters[] or applying LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE. */
typedef struct _SE_ADT_PARAMETER_ARRAY {
  ULONG ParameterCount; /* entries of Parameters[] in use */
  USHORT FlatSubCategoryId;
  SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[SE_MAX_AUDIT_PARAMETERS];
} SE_ADT_PARAMETER_ARRAY, *PSE_ADT_PARAMETER_ARRAY;
300 #endif /* !_NTLSA_AUDIT_ */
301 #endif /* !_NTLSA_IFS_ */