2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/rtl/security.c
5 * PURPOSE: Security related functions and Security Objects
6 * PROGRAMMER: Eric Kohl
9 /* INCLUDES *****************************************************************/
16 /* FUNCTIONS ***************************************************************/
/*
 * RtlImpersonateSelf: makes the calling thread impersonate a copy of its own
 * process token. Visible steps: open the current process token, fill a
 * SECURITY_QUALITY_OF_SERVICE with the caller's level, duplicate the token,
 * assign the duplicate to the current thread, then close both handles.
 *
 * ImpersonationLevel: copied into Sqos.ImpersonationLevel for the duplicate.
 *
 * NOTE(review): this listing skips source lines (the gutter numbers jump), so
 * the return type, the ProcessToken and Status declarations, the access masks
 * and the return statements are not visible here - confirm in the full file.
 */
22 RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
)
25 HANDLE ImpersonationToken
;
27 OBJECT_ATTRIBUTES ObjAttr
;
28 SECURITY_QUALITY_OF_SERVICE Sqos
;
/* Open the current process's token; the requested access mask is on a line not shown. */
32 Status
= ZwOpenProcessToken(NtCurrentProcess(),
35 if (!NT_SUCCESS(Status
))
37 DPRINT1("NtOpenProcessToken() failed (Status %lx)\n", Status
);
/*
 * The SQOS carries the requested impersonation level to the duplicate.
 * EffectiveOnly = FALSE: presumably disabled privileges and groups stay in the
 * duplicate and can be enabled again later - confirm that this is intended.
 */
41 Sqos
.Length
= sizeof(SECURITY_QUALITY_OF_SERVICE
);
42 Sqos
.ImpersonationLevel
= ImpersonationLevel
;
43 Sqos
.ContextTrackingMode
= 0;
44 Sqos
.EffectiveOnly
= FALSE
;
46 InitializeObjectAttributes(
/* The object attributes point at Sqos, so the duplicate call receives it through ObjAttr. */
54 ObjAttr
.SecurityQualityOfService
= &Sqos
;
/*
 * EffectiveOnly is passed explicitly from Sqos.EffectiveOnly and is also
 * reachable through ObjAttr's SQOS, so the two values cannot disagree here.
 */
56 Status
= ZwDuplicateToken(ProcessToken
,
59 Sqos
.EffectiveOnly
, /* why both here _and_ in Sqos? */
62 if (!NT_SUCCESS(Status
))
64 DPRINT1("NtDuplicateToken() failed (Status %lx)\n", Status
);
/* Failure path releases the process token; note NtClose here versus ZwClose further down. */
65 NtClose(ProcessToken
);
/* Attach the duplicated token to the current thread. */
69 Status
= ZwSetInformationThread(NtCurrentThread(),
70 ThreadImpersonationToken
,
73 if (!NT_SUCCESS(Status
))
75 DPRINT1("NtSetInformationThread() failed (Status %lx)\n", Status
);
/*
 * Both handles are closed once the thread call has been made.
 * NOTE(review): no early return is visible between the failure log above and
 * these closes; if one sits on an omitted line, both handles would leak.
 */
78 ZwClose(ImpersonationToken
);
79 ZwClose(ProcessToken
);
/*
 * RtlAdjustPrivilege: enables or disables a single privilege in a token of
 * the caller and reports whether it was enabled before the change.
 *
 * Privilege:     stored in the LowPart of the privilege LUID (HighPart is 0).
 * CurrentThread: NOTE(review): presumably selects the thread token
 *                (ZwOpenThreadToken) over the process token
 *                (ZwOpenProcessToken); the branch is on lines not shown.
 * Enable, Enabled: used in the body; their parameter lines are not shown in
 *                this listing - confirm their types in the full file.
 *
 * Returns STATUS_PRIVILEGE_NOT_HELD when the adjust call reports
 * STATUS_NOT_ALL_ASSIGNED, and STATUS_SUCCESS at the end of the visible path.
 */
89 RtlAdjustPrivilege(IN ULONG Privilege
,
91 IN BOOLEAN CurrentThread
,
94 TOKEN_PRIVILEGES NewState
;
95 TOKEN_PRIVILEGES OldState
;
102 DPRINT ("RtlAdjustPrivilege() called\n");
/*
 * Both token opens ask for TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY only:
 * adjust access to change the privilege, query access because the previous
 * state (OldState) is read back below.
 */
106 Status
= ZwOpenThreadToken (NtCurrentThread (),
107 TOKEN_ADJUST_PRIVILEGES
| TOKEN_QUERY
,
113 Status
= ZwOpenProcessToken (NtCurrentProcess (),
114 TOKEN_ADJUST_PRIVILEGES
| TOKEN_QUERY
,
118 if (!NT_SUCCESS (Status
))
120 DPRINT1 ("Retrieving token handle failed (Status %lx)\n", Status
);
/* OldState is pre-set to one entry; its count is re-checked after the adjust call. */
124 OldState
.PrivilegeCount
= 1;
/* Exactly one privilege is requested; the caller's ULONG becomes the LUID's low part. */
126 NewState
.PrivilegeCount
= 1;
127 NewState
.Privileges
[0].Luid
.LowPart
= Privilege
;
128 NewState
.Privileges
[0].Luid
.HighPart
= 0;
/* Attributes 0 disables the privilege; it does not remove it from the token. */
129 NewState
.Privileges
[0].Attributes
= (Enable
) ? SE_PRIVILEGE_ENABLED
: 0;
131 Status
= ZwAdjustPrivilegesToken (TokenHandle
,
134 sizeof(TOKEN_PRIVILEGES
),
/* The token handle is closed before Status is inspected, so no path below leaks it. */
137 ZwClose (TokenHandle
);
/*
 * STATUS_NOT_ALL_ASSIGNED is a success-class status, so the NT_SUCCESS test
 * below would not catch it. It is mapped to STATUS_PRIVILEGE_NOT_HELD so that
 * callers do not assume the privilege is active when the token lacks it.
 */
138 if (Status
== STATUS_NOT_ALL_ASSIGNED
)
140 DPRINT1 ("Failed to assign all privileges\n");
141 return STATUS_PRIVILEGE_NOT_HELD
;
143 if (!NT_SUCCESS(Status
))
145 DPRINT1 ("NtAdjustPrivilegesToken() failed (Status %lx)\n", Status
);
/*
 * A count of 0 presumably means the call changed nothing; what is stored in
 * *Enabled for that case is on a line not shown here - TODO confirm.
 */
149 if (OldState
.PrivilegeCount
== 0)
/*
 * NOTE(review): this stores the raw masked attribute bit, not a normalized
 * TRUE/FALSE. If Enabled points to a BOOLEAN, callers should test it for
 * non-zero rather than compare it with TRUE.
 */
155 *Enabled
= (OldState
.Privileges
[0].Attributes
& SE_PRIVILEGE_ENABLED
);
158 DPRINT ("RtlAdjustPrivilege() done\n");
160 return STATUS_SUCCESS
;
/*
 * RtlDeleteSecurityObject: releases a security descriptor through RtlFreeHeap
 * on the process heap and returns STATUS_SUCCESS.
 *
 * ObjectDescriptor: pointer to the caller's descriptor pointer.
 *
 * NOTE(review): the remaining RtlFreeHeap arguments are on lines not shown in
 * this listing. Confirm in the full file that *ObjectDescriptor is the block
 * being freed, whether it is cleared afterwards (a stale pointer left with the
 * caller invites use-after-free or double free), and that a descriptor not
 * allocated from the process heap cannot reach this call.
 */
168 RtlDeleteSecurityObject(IN PSECURITY_DESCRIPTOR
*ObjectDescriptor
)
170 DPRINT("RtlDeleteSecurityObject(%p)\n", ObjectDescriptor
);
172 RtlFreeHeap(RtlGetProcessHeap(),
/* The visible return is the constant STATUS_SUCCESS, so a failed free is not reported here. */
176 return STATUS_SUCCESS
;
/*
 * RtlNewSecurityObject: stub. The only visible statement returns
 * STATUS_NOT_IMPLEMENTED; no descriptor is built from ParentDescriptor or
 * CreatorDescriptor in the lines shown.
 *
 * NOTE(review): nothing visible writes *NewDescriptor, so callers must check
 * the returned status before using it. One parameter line (gutter 189) is not
 * shown in this listing.
 */
185 RtlNewSecurityObject(IN PSECURITY_DESCRIPTOR ParentDescriptor
,
186 IN PSECURITY_DESCRIPTOR CreatorDescriptor
,
187 OUT PSECURITY_DESCRIPTOR
*NewDescriptor
,
188 IN BOOLEAN IsDirectoryObject
,
190 IN PGENERIC_MAPPING GenericMapping
)
193 return STATUS_NOT_IMPLEMENTED
;
/*
 * RtlQuerySecurityObject: stub. The only visible statement returns
 * STATUS_NOT_IMPLEMENTED.
 *
 * NOTE(review): nothing visible writes ResultantDescriptor or *ReturnLength,
 * so callers must not read either output unless the call reports success.
 */
202 RtlQuerySecurityObject(IN PSECURITY_DESCRIPTOR ObjectDescriptor
,
203 IN SECURITY_INFORMATION SecurityInformation
,
204 OUT PSECURITY_DESCRIPTOR ResultantDescriptor
,
205 IN ULONG DescriptorLength
,
206 OUT PULONG ReturnLength
)
209 return STATUS_NOT_IMPLEMENTED
;
/*
 * RtlSetSecurityObject: stub. The only visible statement returns
 * STATUS_NOT_IMPLEMENTED; ModificationDescriptor is not applied to
 * *ObjectsSecurityDescriptor in the lines shown.
 *
 * NOTE(review): a caller that ignores the status would keep the old
 * descriptor while believing the change was made. The last parameter line
 * (gutter 222) is not shown in this listing.
 */
218 RtlSetSecurityObject(IN SECURITY_INFORMATION SecurityInformation
,
219 IN PSECURITY_DESCRIPTOR ModificationDescriptor
,
220 OUT PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
221 IN PGENERIC_MAPPING GenericMapping
,
225 return STATUS_NOT_IMPLEMENTED
;