/* $Id: setypes.h,v 1.6 2002/02/20 20:09:52 ekohl Exp $
 *
 * COPYRIGHT: See COPYING in the top level directory for details
 * PROJECT: ReactOS kernel
 * FILE: include/ddk/setypes.h
 * PURPOSE: Security manager types
 *
 * ??/??/??: Created with empty stubs by David Welch
 * 29/08/98: ACCESS_TOKEN definition from Boudewijn Dekker
 */
12 #ifndef __INCLUDE_DDK_SETYPES_H
13 #define __INCLUDE_DDK_SETYPES_H
15 #include <ntos/security.h>
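/*
 * Group attribute bits (original section heading: "TOKEN_GROUPS structure").
 *
 * The listing line numbers that were fused onto each line have been removed
 * so the directives preprocess again; names and values are unchanged.
 *
 * The first four values are distinct single bits. SE_GROUP_LOGON_ID sets the
 * two highest bits of a 32-bit word, so test it with a masked comparison,
 *   (attrs & SE_GROUP_LOGON_ID) == SE_GROUP_LOGON_ID
 * rather than a plain non-zero test, which would also accept a word carrying
 * only one of the two bits.
 *
 * 0xc0000000L does not fit in a 32-bit long; where long is 32 bits wide the
 * constant has type unsigned long, so keep attribute words unsigned when
 * comparing against it.
 */
#define SE_GROUP_MANDATORY          (0x1L)
#define SE_GROUP_ENABLED_BY_DEFAULT (0x2L)
#define SE_GROUP_ENABLED            (0x4L)
#define SE_GROUP_OWNER              (0x8L)
#define SE_GROUP_LOGON_ID           (0xc0000000L)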
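/*
 * ACL revision number used by this header. The listing line numbers fused
 * onto the directives have been removed; names and values are unchanged.
 */
#define ACL_REVISION (2)

/*
 * ACE_HEADER structure: ACE type codes.
 *
 * These are consecutive integers (0..3), not bit flags: compare a type field
 * with ==, never with a bitwise test. ACCESS_ALLOWED_ACE_TYPE is 0, so a
 * zero-initialised type field reads as this value.
 * NOTE(review): confirm that the code building ACEs always sets the type
 * explicitly, so a zeroed header is never interpreted as an allow entry.
 */
#define ACCESS_ALLOWED_ACE_TYPE (0x0)
#define ACCESS_DENIED_ACE_TYPE  (0x1)
#define SYSTEM_AUDIT_ACE_TYPE   (0x2)
#define SYSTEM_ALARM_ACE_TYPE   (0x3)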
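/*
 * ACE flags in the ACE_HEADER structure.
 *
 * Each value is a distinct single bit and may be OR-ed with the others.
 * Bits 0x10 and 0x20 are not given a name in this listing. The listing line
 * numbers fused onto the directives have been removed; names and values are
 * unchanged.
 *
 * NOTE(review): by their names the low four bits control inheritance and
 * 0x40 / 0x80 select auditing of successful / failed access - confirm
 * against the code that evaluates ACLs.
 */
#define OBJECT_INHERIT_ACE         (0x1)
#define CONTAINER_INHERIT_ACE      (0x2)
#define NO_PROPAGATE_INHERIT_ACE   (0x4)
#define INHERIT_ONLY_ACE           (0x8)
#define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
#define FAILED_ACCESS_ACE_FLAG     (0x80)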
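/*
 * SECURITY_DESCRIPTOR_CONTROL
 *
 * Revision and minimum length of a security descriptor, followed by the
 * control bits. The control bits are written in decimal; each is a single
 * bit (1, 2, 4, 8, 16, 32 and 32768 = 0x8000). The listing line numbers
 * fused onto the directives have been removed; names and values are
 * unchanged.
 *
 * NOTE(review): code that accepts a descriptor from a caller-supplied buffer
 * would be expected to reject lengths below SECURITY_DESCRIPTOR_MIN_LENGTH
 * and to test SE_DACL_PRESENT / SE_SACL_PRESENT before using the matching
 * ACL - confirm where those checks are made.
 */
#define SECURITY_DESCRIPTOR_REVISION   (1)
#define SECURITY_DESCRIPTOR_MIN_LENGTH (20)
#define SE_OWNER_DEFAULTED             (1)
#define SE_GROUP_DEFAULTED             (2)
#define SE_DACL_PRESENT                (4)
#define SE_DACL_DEFAULTED              (8)
#define SE_SACL_PRESENT                (16)
#define SE_SACL_DEFAULTED              (32)
#define SE_SELF_RELATIVE               (32768)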
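/*
 * Privilege attribute bits, followed by PRIVILEGE_SET_ALL_NECESSARY.
 *
 * The three SE_PRIVILEGE_* values are distinct single bits.
 * 0x80000000L does not fit in a 32-bit long; where long is 32 bits wide the
 * constant has type unsigned long, so keep attribute words unsigned when
 * testing SE_PRIVILEGE_USED_FOR_ACCESS.
 *
 * PRIVILEGE_SET_ALL_NECESSARY has the same numeric value (0x1) as
 * SE_PRIVILEGE_ENABLED_BY_DEFAULT.
 * NOTE(review): by its name it belongs to a privilege-set control field, not
 * to a per-privilege attribute word - confirm, and do not test one field
 * with the other's constant.
 *
 * The listing line numbers fused onto the directives have been removed;
 * names and values are unchanged.
 */
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x1L)
#define SE_PRIVILEGE_ENABLED            (0x2L)
#define SE_PRIVILEGE_USED_FOR_ACCESS    (0x80000000L)
#define PRIVILEGE_SET_ALL_NECESSARY     (0x1)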
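/*
 * ACCESS_TOKEN - layout of the token object.
 *
 * Reconstructed from a listing that had line numbers fused onto each line,
 * the opening brace dropped and every terminator split onto its own line.
 * Member names, types, order and the offset comments are as in the source.
 *
 * The trailing "// 0xNN" comments are the member byte offsets recorded by
 * the original author. Adjacent pointer members are 4 bytes apart (0x48,
 * 0x4C, 0x50), so the offsets describe a layout with 32-bit pointers.
 *
 * NOTE(review): UserAndGroupCount and PrivilegeCount presumably give the
 * number of entries behind UserAndGroups and Privileges, and VariableLength
 * the size of the trailing VariablePart; code walking these should bound
 * every access by the stored count/length - confirm against the token code.
 */
typedef struct _ACCESS_TOKEN
{
  TOKEN_SOURCE TokenSource;                         // 0x00
  /*
   * NOTE(review): the listing this was recovered from skips one source line
   * here and the recorded offsets jump from 0x00 to 0x18; a member may be
   * missing - compare with the original include/ddk/setypes.h before
   * relying on this layout.
   */
  LUID AuthenticationId;                            // 0x18
  LARGE_INTEGER ExpirationTime;                     // 0x20
  LUID ModifiedId;                                  // 0x28
  ULONG UserAndGroupCount;                          // 0x30
  ULONG PrivilegeCount;                             // 0x34
  ULONG VariableLength;                             // 0x38
  ULONG DynamicCharged;                             // 0x3C
  ULONG DynamicAvailable;                           // 0x40
  ULONG DefaultOwnerIndex;                          // 0x44
  PSID_AND_ATTRIBUTES UserAndGroups;                // 0x48
  PSID PrimaryGroup;                                // 0x4C
  PLUID_AND_ATTRIBUTES Privileges;                  // 0x50
  ULONG Unknown1;                                   // 0x54
  PACL DefaultDacl;                                 // 0x58
  TOKEN_TYPE TokenType;                             // 0x5C
  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;  // 0x60
  UCHAR TokenFlags;                                 // 0x64
  UCHAR TokenInUse;                                 // 0x65
  UCHAR Unused[2];                                  // 0x66
  PVOID ProxyData;                                  // 0x68
  PVOID AuditData;                                  // 0x6c
  /* Zero-length array (a compiler extension): marks where trailing data starts. */
  UCHAR VariablePart[0];                            // 0x70
} ACCESS_TOKEN, *PACCESS_TOKEN;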
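/*
 * SECURITY_SUBJECT_CONTEXT - two token pointers, an impersonation level and
 * an audit id.
 *
 * Reconstructed from a listing that had line numbers fused onto each line,
 * the opening brace dropped and every terminator split onto its own line.
 * Member names, types, order and the offset comments are as in the source.
 * The recorded offsets are 4 bytes apart, i.e. a layout with 32-bit pointers.
 *
 * NOTE(review): by the names, ClientToken is the token of a client being
 * impersonated and PrimaryToken the process token; ClientToken may then be
 * NULL when no impersonation is in effect - confirm, and make sure access
 * checks select the token deliberately rather than assuming either pointer
 * is set.
 */
typedef struct _SECURITY_SUBJECT_CONTEXT
{
  PACCESS_TOKEN ClientToken;                        // 0x0
  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;  // 0x4
  PACCESS_TOKEN PrimaryToken;                       // 0x8
  PVOID ProcessAuditId;                             // 0xC
} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;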
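/*
 * SECURITY_CLIENT_CONTEXT - quality-of-service settings, a token pointer,
 * three boolean flags and a TOKEN_CONTROL block.
 *
 * Reconstructed from a listing that had line numbers fused onto each line,
 * the opening brace dropped and every terminator split onto its own line.
 * Member names, types, order and the offset comments are as in the source.
 * Token sits at 0x0C and the first flag at 0x10, so the recorded offsets
 * assume a 4-byte pointer.
 *
 * NOTE(review): by its name DirectlyAccessClientToken says that Token refers
 * to the client's own token rather than a copy; if so, the holder must not
 * modify it - confirm against the code that fills in this structure.
 */
typedef struct _SECURITY_CLIENT_CONTEXT
{
  SECURITY_QUALITY_OF_SERVICE SecurityQos;  // 0x00
  PACCESS_TOKEN Token;                      // 0x0C
  BOOLEAN DirectlyAccessClientToken;        // 0x10
  BOOLEAN DirectAccessEffectiveOnly;        // 0x11
  BOOLEAN ServerIsRemote;                   // 0x12
  TOKEN_CONTROL ClientTokenControl;         // 0x14
} SECURITY_CLIENT_CONTEXT, *PSECURITY_CLIENT_CONTEXT;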
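/*
 * SE_EXPORTS - table of privilege LUIDs followed by pointers to predefined
 * SIDs.
 *
 * Reconstructed from a listing that had line numbers fused onto each line,
 * the opening brace dropped and every terminator split onto its own line.
 * Member names, types and order are as in the source.
 *
 * The member order defines the layout that users of this table see, so the
 * three gaps flagged below matter: a member lost from the listing shifts
 * every member after it.
 */
typedef struct _SE_EXPORTS
{
  /* Privilege values */
  LUID SeCreateTokenPrivilege;
  LUID SeAssignPrimaryTokenPrivilege;
  LUID SeLockMemoryPrivilege;
  LUID SeIncreaseQuotaPrivilege;
  LUID SeUnsolicitedInputPrivilege;
  /*
   * NOTE(review): the listing this was recovered from skips one source line
   * here; a member may be missing - compare with the original
   * include/ddk/setypes.h.
   */
  LUID SeSecurityPrivilege;
  LUID SeTakeOwnershipPrivilege;
  LUID SeLoadDriverPrivilege;
  LUID SeCreatePagefilePrivilege;
  LUID SeIncreaseBasePriorityPrivilege;
  LUID SeSystemProfilePrivilege;
  LUID SeSystemtimePrivilege;
  LUID SeProfileSingleProcessPrivilege;
  LUID SeCreatePermanentPrivilege;
  LUID SeBackupPrivilege;
  LUID SeRestorePrivilege;
  LUID SeShutdownPrivilege;
  LUID SeDebugPrivilege;
  LUID SeAuditPrivilege;
  LUID SeSystemEnvironmentPrivilege;
  LUID SeChangeNotifyPrivilege;
  LUID SeRemoteShutdownPrivilege;

  /* Universally defined SIDs */
  /*
   * NOTE(review): the listing skips three source lines between the heading
   * above and the next member; members may be missing - compare with the
   * original include/ddk/setypes.h.
   */
  PSID SeCreatorOwnerSid;
  PSID SeCreatorGroupSid;

  /* Nt defined SIDs */
  PSID SeNtAuthoritySid;
  /*
   * NOTE(review): the listing skips three source lines here; members may be
   * missing - compare with the original include/ddk/setypes.h.
   */
  PSID SeInteractiveSid;
  PSID SeLocalSystemSid;
  PSID SeAliasAdminsSid;
  PSID SeAliasUsersSid;
  PSID SeAliasGuestsSid;
  PSID SeAliasPowerUsersSid;
  PSID SeAliasAccountOpsSid;
  PSID SeAliasSystemOpsSid;
  PSID SeAliasPrintOpsSid;
  PSID SeAliasBackupOpsSid;
} SE_EXPORTS, *PSE_EXPORTS;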