/*
 * Identifier authorities from which the built-in SIDs are built.
 * They are only declared here (extern); the definitions and initial values
 * live in another file that this listing does not show.
 * NOTE(review): presumably these carry the standard null / world / local /
 * creator / NT authority values -- confirm against the defining file.
 * The leading numbers on each line are source-listing line numbers left by
 * the page extraction, not part of the C text.
 */
4 extern SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
;
5 extern SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
;
6 extern SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
;
7 extern SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
;
8 extern SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
;
/*
 * Global pointers to the well-known SIDs used by access checks and by the
 * default ACLs. Each is a writable PSID global, so every consumer must treat
 * the pointed-to SID as read-only shared state.
 * NOTE(review): presumably populated by SepInitSecurityIDs() (declared later
 * in this header); until then a pointer would be NULL -- confirm that no
 * access check can run before initialisation.
 * NOTE(review): three pairs need a look:
 *   - SeAnonymousLogonSid is declared twice (listing lines 24 and 39);
 *   - SeAuthenticatedUserSid (27) vs SeAuthenticatedUsersSid (37);
 *   - SeRestrictedCodeSid (28) vs SeRestrictedSid (38).
 * If only one name of a pair is actually defined and initialised, code that
 * compares a token against the other one would not match as intended.
 */
11 extern PSID SeNullSid
;
12 extern PSID SeWorldSid
;
13 extern PSID SeLocalSid
;
14 extern PSID SeCreatorOwnerSid
;
15 extern PSID SeCreatorGroupSid
;
16 extern PSID SeCreatorOwnerServerSid
;
17 extern PSID SeCreatorGroupServerSid
;
18 extern PSID SeNtAuthoritySid
;
19 extern PSID SeDialupSid
;
20 extern PSID SeNetworkSid
;
21 extern PSID SeBatchSid
;
22 extern PSID SeInteractiveSid
;
23 extern PSID SeServiceSid
;
24 extern PSID SeAnonymousLogonSid
;
25 extern PSID SePrincipalSelfSid
;
26 extern PSID SeLocalSystemSid
;
27 extern PSID SeAuthenticatedUserSid
;
28 extern PSID SeRestrictedCodeSid
;
/* Built-in local group ("alias") SIDs. */
29 extern PSID SeAliasAdminsSid
;
30 extern PSID SeAliasUsersSid
;
31 extern PSID SeAliasGuestsSid
;
32 extern PSID SeAliasPowerUsersSid
;
33 extern PSID SeAliasAccountOpsSid
;
34 extern PSID SeAliasSystemOpsSid
;
35 extern PSID SeAliasPrintOpsSid
;
36 extern PSID SeAliasBackupOpsSid
;
/* Near-duplicates of listing lines 24, 27 and 28 -- see the note above. */
37 extern PSID SeAuthenticatedUsersSid
;
38 extern PSID SeRestrictedSid
;
39 extern PSID SeAnonymousLogonSid
;
/*
 * LUID values identifying each privilege. A privilege check compares one of
 * these against the LUID_AND_ATTRIBUTES entries held in a token.
 * NOTE(review): presumably filled in by SepInitPrivileges() (declared later
 * in this header) -- confirm.
 * NOTE(review): on Windows-compatible systems several of these are
 * effectively SYSTEM-equivalent when held (create-token, assign-primary-token,
 * TCB, load-driver, debug, backup, restore, take-ownership). Code paths that
 * grant, enable or check them deserve the closest review.
 */
42 extern LUID SeCreateTokenPrivilege
;
43 extern LUID SeAssignPrimaryTokenPrivilege
;
44 extern LUID SeLockMemoryPrivilege
;
45 extern LUID SeIncreaseQuotaPrivilege
;
46 extern LUID SeUnsolicitedInputPrivilege
;
47 extern LUID SeTcbPrivilege
;
48 extern LUID SeSecurityPrivilege
;
49 extern LUID SeTakeOwnershipPrivilege
;
50 extern LUID SeLoadDriverPrivilege
;
51 extern LUID SeCreatePagefilePrivilege
;
52 extern LUID SeIncreaseBasePriorityPrivilege
;
53 extern LUID SeSystemProfilePrivilege
;
54 extern LUID SeSystemtimePrivilege
;
55 extern LUID SeProfileSingleProcessPrivilege
;
56 extern LUID SeCreatePermanentPrivilege
;
57 extern LUID SeBackupPrivilege
;
58 extern LUID SeRestorePrivilege
;
59 extern LUID SeShutdownPrivilege
;
60 extern LUID SeDebugPrivilege
;
61 extern LUID SeAuditPrivilege
;
62 extern LUID SeSystemEnvironmentPrivilege
;
63 extern LUID SeChangeNotifyPrivilege
;
64 extern LUID SeRemoteShutdownPrivilege
;
65 extern LUID SeUndockPrivilege
;
66 extern LUID SeSyncAgentPrivilege
;
67 extern LUID SeEnableDelegationPrivilege
;
/*
 * Shared, pre-built discretionary ACLs. Only the pointers are declared here;
 * the ACE contents are not visible in this header.
 * NOTE(review): the "Open" / "Unrestricted" names suggest permissive ACLs --
 * check the initialiser to see exactly which SIDs and access masks each one
 * grants before choosing it as the default for a new object type.
 */
70 extern PACL SePublicDefaultUnrestrictedDacl
;
71 extern PACL SePublicOpenDacl
;
72 extern PACL SePublicOpenUnrestrictedDacl
;
73 extern PACL SeUnrestrictedDacl
;
/*
 * Shared, pre-built security descriptors. The names parallel the DACL
 * globals declared just above.
 * NOTE(review): presumably each descriptor wraps the DACL of the matching
 * name -- confirm in the initialisation code. These are global pointers, so
 * an object that stores one directly shares it with every other user of the
 * same default; consumers must not modify the descriptor in place.
 */
76 extern PSECURITY_DESCRIPTOR SePublicDefaultSd
;
77 extern PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
;
78 extern PSECURITY_DESCRIPTOR SePublicOpenSd
;
79 extern PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
;
80 extern PSECURITY_DESCRIPTOR SeSystemDefaultSd
;
81 extern PSECURITY_DESCRIPTOR SeUnrestrictedSd
;
/*
 * Initialisation entry points and primary-token teardown.
 * The return-type / calling-convention lines of every prototype are missing
 * from this listing (the embedded line numbers skip them), so only the
 * names and parameter lists are shown.
 * NOTE(review): by their names, SepInitPrivileges and SepInitSecurityIDs set
 * up the Se*Privilege LUIDs and the Se*Sid globals declared earlier in this
 * header -- confirm, and confirm both run before the first access check.
 */
98 SepInitPrivileges(VOID
);
102 SepInitSecurityIDs(VOID
);
/* Takes the process whose primary token is to be detached. */
114 SeDeassignPrimaryToken(struct _EPROCESS
*Process
);
/*
 * Takes a file object and returns a pointer to object-name information
 * through AuditInfo. Listing line 129 (one parameter) and the closing of
 * the prototype are missing from this extract.
 * NOTE(review): presumably AuditInfo is allocated by the callee and owned by
 * the caller afterwards -- confirm who frees it.
 */
127 SeInitializeProcessAuditName(
128 IN PFILE_OBJECT FileObject
,
130 OUT POBJECT_NAME_INFORMATION
*AuditInfo
/*
 * Initialises an ACCESS_STATE (and its auxiliary data) for an access request
 * made on behalf of the given process. Listing line 136 (one parameter) and
 * the closing of the prototype are missing from this extract.
 * Access is the requested mask; GenericMapping is supplied alongside it.
 */
135 SeCreateAccessStateEx(
137 IN PEPROCESS Process
,
138 IN OUT PACCESS_STATE AccessState
,
139 IN PAUX_ACCESS_DATA AuxData
,
140 IN ACCESS_MASK Access
,
141 IN PGENERIC_MAPPING GenericMapping
/*
 * Only the name of this prototype survives in the listing; its parameters
 * (listing lines 154 onward) are missing.
 */
153 SepCreateImpersonationTokenDacl(
/* Token subsystem start-up; neither function takes arguments. */
161 SepInitializeTokenImplementation(VOID
);
165 SepCreateSystemProcessToken(VOID
);
/*
 * Auditing hooks. Return types are not shown in this listing.
 * NOTE(review): by name, SeDetailedAuditingWithToken reports whether detailed
 * auditing applies to the given token -- confirm the return type and meaning.
 */
169 SeDetailedAuditingWithToken(IN PTOKEN Token
);
173 SeAuditProcessExit(IN PEPROCESS Process
);
177 SeAuditProcessCreate(IN PEPROCESS Process
);
/*
 * Replaces the primary token of Process with NewToken and hands the previous
 * token back through OldTokenP. The closing of the prototype is missing from
 * this listing.
 * NOTE(review): swapping a primary token changes the security identity of
 * the whole process. This signature carries no PreviousMode or privilege
 * argument, so any SeAssignPrimaryTokenPrivilege check presumably has to be
 * done by the caller -- confirm at each call site.
 */
181 SeExchangePrimaryToken(
182 struct _EPROCESS
* Process
,
183 PACCESS_TOKEN NewToken
,
184 PACCESS_TOKEN
* OldTokenP
/*
 * Fills SubjectContext for the given process. Listing line 190 (one
 * parameter) and the closing of the prototype are missing from this extract.
 */
189 SeCaptureSubjectContextEx(
191 IN PEPROCESS Process
,
192 OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
/*
 * Captures an array of PrivilegeCount LUID_AND_ATTRIBUTES entries from Src
 * and returns the captured array through Dest. AllocatedMem/AllocatedLength
 * describe a caller-supplied buffer. Listing line 203 and the tail of the
 * prototype are missing from this extract.
 * NOTE(review): presumably, when PreviousMode is UserMode the source is
 * probed and copied into kernel memory so later checks work on a stable copy
 * rather than re-reading user memory -- confirm in the implementation.
 * NOTE(review): PrivilegeCount is a caller-supplied ULONG; confirm the
 * implementation bounds it before computing
 * PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES) and before comparing with
 * AllocatedLength.
 */
197 SeCaptureLuidAndAttributesArray(
198 PLUID_AND_ATTRIBUTES Src
,
199 ULONG PrivilegeCount
,
200 KPROCESSOR_MODE PreviousMode
,
201 PLUID_AND_ATTRIBUTES AllocatedMem
,
202 ULONG AllocatedLength
,
204 BOOLEAN CaptureIfKernel
,
205 PLUID_AND_ATTRIBUTES
* Dest
,
/*
 * Counterpart of the capture routine above: releases a captured array.
 * PreviousMode and CaptureIfKernel should be the same values that were
 * passed to the capture call (presumably they decide whether a copy was made
 * and therefore whether anything is freed -- confirm).
 */
211 SeReleaseLuidAndAttributesArray(
212 PLUID_AND_ATTRIBUTES Privilege
,
213 KPROCESSOR_MODE PreviousMode
,
214 BOOLEAN CaptureIfKernel
/*
 * Listing gap: the function name and first parameter(s) for the following
 * parameter list (listing lines 215-220) are not shown. The visible
 * parameters are a privilege array, its count, a control word and the
 * caller's processor mode.
 */
221 PLUID_AND_ATTRIBUTES Privileges
,
222 ULONG PrivilegeCount
,
223 ULONG PrivilegeControl
,
224 KPROCESSOR_MODE PreviousMode
/*
 * Privilege check tied to a specific object handle and requested access.
 * PrivilegeValue is one of the Se*Privilege LUIDs; PreviousMode identifies
 * whether the request originated in user or kernel mode. Return type and the
 * closing of the prototype are missing from this listing.
 */
229 SeCheckPrivilegedObject(
230 IN LUID PrivilegeValue
,
231 IN HANDLE ObjectHandle
,
232 IN ACCESS_MASK DesiredAccess
,
233 IN KPROCESSOR_MODE PreviousMode
/*
 * Listing gap: the function name and first parameter(s) for the following
 * parameter list (listing lines 234-239) are not shown. The visible
 * parameters describe producing a new token (NewAccessToken) of a given
 * TokenType and impersonation Level.
 * NOTE(review): EffectiveOnly and Level determine how much of the source
 * identity the new token carries; confirm the implementation never yields a
 * token with a higher impersonation level than the source allows.
 */
240 POBJECT_ATTRIBUTES ObjectAttributes
,
241 BOOLEAN EffectiveOnly
,
242 TOKEN_TYPE TokenType
,
243 SECURITY_IMPERSONATION_LEVEL Level
,
244 KPROCESSOR_MODE PreviousMode
,
245 PTOKEN
* NewAccessToken
/*
 * Captures the SECURITY_QUALITY_OF_SERVICE referenced by ObjectAttributes
 * (which may be absent, per OPTIONAL) and returns it through
 * CapturedSecurityQualityOfService. PoolType selects the pool for any
 * allocation. The tail of the prototype is missing from this listing.
 * NOTE(review): the QoS structure carries the impersonation level a client
 * permits, so it is security-sensitive input. Presumably it is probed and
 * copied when AccessMode is UserMode -- confirm, and confirm the captured
 * copy (not the original pointer) is what later code reads.
 */
250 SepCaptureSecurityQualityOfService(
251 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
252 IN KPROCESSOR_MODE AccessMode
,
253 IN POOL_TYPE PoolType
,
254 IN BOOLEAN CaptureIfKernel
,
255 OUT PSECURITY_QUALITY_OF_SERVICE
*CapturedSecurityQualityOfService
,
/*
 * Releases a QoS structure obtained from the capture routine above; the
 * argument is OPTIONAL. AccessMode and CaptureIfKernel should match the
 * values used for the capture call.
 */
261 SepReleaseSecurityQualityOfService(
262 IN PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService OPTIONAL
,
263 IN KPROCESSOR_MODE AccessMode
,
264 IN BOOLEAN CaptureIfKernel
/*
 * Listing gap: the function names and first parameters of the next four
 * prototypes are not shown (the embedded line numbers jump 264 -> 271,
 * 274 -> 281, 282 -> 289 and 292 -> 299). From the visible parameters they
 * form two capture/release pairs: one returning a captured SID, one
 * returning a captured ACL.
 * NOTE(review): SIDs and ACLs are variable-length and carry their own
 * count/size fields. Presumably the capture routines copy user-mode input
 * and validate those fields against the copied length -- confirm, since
 * validating the original and then using the copy (or the reverse) would
 * leave a double-fetch window.
 */
271 IN KPROCESSOR_MODE AccessMode
,
272 IN POOL_TYPE PoolType
,
273 IN BOOLEAN CaptureIfKernel
,
274 OUT PSID
*CapturedSid
/* Parameter tail of the matching release routine (name not shown). */
281 IN KPROCESSOR_MODE AccessMode
,
282 IN BOOLEAN CaptureIfKernel
/* Parameter tail of the ACL capture routine (name not shown). */
289 IN KPROCESSOR_MODE AccessMode
,
290 IN POOL_TYPE PoolType
,
291 IN BOOLEAN CaptureIfKernel
,
292 OUT PACL
*CapturedAcl
/* Parameter tail of the matching release routine (name not shown). */
299 IN KPROCESSOR_MODE AccessMode
,
300 IN BOOLEAN CaptureIfKernel
/*
 * Default security method for objects: dispatches on OperationType and works
 * with the supplied security information, the new descriptor and a pointer
 * to the object's current descriptor. Listing lines 306, 310 and 312 (three
 * parameters) and the closing of the prototype are missing from this extract.
 * NOTE(review): no processor-mode parameter is visible here, so
 * NewSecurityDescriptor is presumably already captured/validated by the
 * caller -- confirm.
 */
305 SeDefaultObjectMethod(
307 SECURITY_OPERATION_CODE OperationType
,
308 PSECURITY_INFORMATION SecurityInformation
,
309 PSECURITY_DESCRIPTOR NewSecurityDescriptor
,
311 PSECURITY_DESCRIPTOR
*OldSecurityDescriptor
,
313 PGENERIC_MAPPING GenericMapping
/*
 * Fills SecurityDescriptor for the requested SecurityInformation; remaining
 * parameters (listing line 321 onward) are missing from this extract.
 * NOTE(review): "World" is the Everyone SID, so by name this builds a
 * descriptor granting access to everyone -- confirm which object types rely
 * on it.
 */
318 SeSetWorldSecurityDescriptor(
319 SECURITY_INFORMATION SecurityInformation
,
320 PISECURITY_DESCRIPTOR SecurityDescriptor
,
/*
 * Listing gap: the function name for the following parameter list (listing
 * lines 322-326) is not shown. The visible parameters take a token, an
 * impersonation level and the caller's mode, and return a new token.
 */
327 IN PACCESS_TOKEN Token
,
328 IN SECURITY_IMPERSONATION_LEVEL Level
,
329 IN KPROCESSOR_MODE PreviousMode
,
330 OUT PACCESS_TOKEN
* NewToken
/*
 * Token lock helpers. Each acquire macro first enters a critical region
 * (which disables normal kernel APC delivery, so the thread cannot be
 * suspended while it owns the lock) and then acquires the token's TokenLock
 * resource exclusively or shared, waiting (TRUE) until it is available.
 * SepReleaseTokenLock undoes the two steps in reverse order.
 * Every acquire must be paired with exactly one release on all paths,
 * including error returns; a missed release leaves the token locked and the
 * thread inside a critical region.
 * The listing omits some numbered lines of each macro (334, 337, 340, 343,
 * 346, 349), so the wrapper around these statements is not visible here.
 * NOTE(review): the argument is expanded as (PTOKEN)Token without its own
 * parentheses; pass a plain identifier, since the cast would bind to only
 * the first operand of a compound expression.
 */
333 #define SepAcquireTokenLockExclusive(Token) \
335 KeEnterCriticalRegion(); \
336 ExAcquireResourceExclusive(((PTOKEN)Token)->TokenLock, TRUE); \
339 #define SepAcquireTokenLockShared(Token) \
341 KeEnterCriticalRegion(); \
342 ExAcquireResourceShared(((PTOKEN)Token)->TokenLock, TRUE); \
345 #define SepReleaseTokenLock(Token) \
347 ExReleaseResource(((PTOKEN)Token)->TokenLock); \
348 KeLeaveCriticalRegion(); \
/*
 * Both routines take a SECURITY_INFORMATION selector and write an access
 * mask to DesiredAccess. Return types are not shown in this listing.
 * NOTE(review): by name and signature these translate "which parts of the
 * security descriptor are being read / written" into the access rights the
 * caller's handle must hold -- confirm that SACL access maps to the
 * system-security right and that owner and DACL changes map to their
 * dedicated write rights, since an incomplete mapping would let a handle
 * with too little access read or change security information.
 */
352 SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
353 OUT PACCESS_MASK DesiredAccess
);
356 SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
357 OUT PACCESS_MASK DesiredAccess
);