/*
 * Security-manager globals that are defined in another translation unit.
 *
 * NOTE(review): the leading number on each line looks like a line number
 * carried over from the listing this text was extracted from, and each
 * declaration's terminating ';' has been split onto a line of its own.
 * Gaps in the numbering mark lines that are not reproduced here.
 */

/* Object type pointer for token objects (going by the name; definition not shown). */
3 extern POBJECT_TYPE SepTokenObjectType
;
/* SID identifier authorities: Null, World, Local, Creator and NT. */
6 extern SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
;
7 extern SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
;
8 extern SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
;
9 extern SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
;
10 extern SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
;
/*
 * Pointers to well-known SIDs. Only the declarations are visible here; where
 * the SIDs are allocated and filled in is not shown (SepInitSecurityIDs,
 * declared later in this header, is the likely place - confirm).
 * Access checks and default ACLs that compare against these pointers depend
 * on each one being initialized before first use.
 */

/* Universal and creator SIDs. */
13 extern PSID SeNullSid
;
14 extern PSID SeWorldSid
;
15 extern PSID SeLocalSid
;
16 extern PSID SeCreatorOwnerSid
;
17 extern PSID SeCreatorGroupSid
;
18 extern PSID SeCreatorOwnerServerSid
;
19 extern PSID SeCreatorGroupServerSid
;
/* SIDs named after the NT authority and logon types. */
20 extern PSID SeNtAuthoritySid
;
21 extern PSID SeDialupSid
;
22 extern PSID SeNetworkSid
;
23 extern PSID SeBatchSid
;
24 extern PSID SeInteractiveSid
;
25 extern PSID SeServiceSid
;
26 extern PSID SeAnonymousLogonSid
;
27 extern PSID SePrincipalSelfSid
;
28 extern PSID SeLocalSystemSid
;
/*
 * NOTE(review): SeAuthenticatedUserSid differs by a single letter from
 * SeAuthenticatedUsersSid (listing line 39). Confirm that both symbols are
 * really defined and that every access check uses the intended one.
 */
29 extern PSID SeAuthenticatedUserSid
;
30 extern PSID SeRestrictedCodeSid
;
/* Built-in alias (local group) SIDs. */
31 extern PSID SeAliasAdminsSid
;
32 extern PSID SeAliasUsersSid
;
33 extern PSID SeAliasGuestsSid
;
34 extern PSID SeAliasPowerUsersSid
;
35 extern PSID SeAliasAccountOpsSid
;
36 extern PSID SeAliasSystemOpsSid
;
37 extern PSID SeAliasPrintOpsSid
;
38 extern PSID SeAliasBackupOpsSid
;
39 extern PSID SeAuthenticatedUsersSid
;
40 extern PSID SeRestrictedSid
;
/*
 * NOTE(review): SeAnonymousLogonSid is already declared at listing line 26.
 * A repeated extern declaration is accepted by the compiler but is redundant.
 */
41 extern PSID SeAnonymousLogonSid
;
/*
 * One LUID global per privilege. The values are assigned elsewhere
 * (presumably by SepInitPrivileges, declared later in this header - confirm).
 *
 * Audit note: several of the privileges named here are conventionally treated
 * as equivalent to full control of the system when held by a token, in
 * particular SeCreateTokenPrivilege, SeAssignPrimaryTokenPrivilege,
 * SeTcbPrivilege, SeTakeOwnershipPrivilege, SeLoadDriverPrivilege,
 * SeBackupPrivilege, SeRestorePrivilege and SeDebugPrivilege. Code that
 * grants or checks them deserves the closest review.
 */
44 extern LUID SeCreateTokenPrivilege
;
45 extern LUID SeAssignPrimaryTokenPrivilege
;
46 extern LUID SeLockMemoryPrivilege
;
47 extern LUID SeIncreaseQuotaPrivilege
;
48 extern LUID SeUnsolicitedInputPrivilege
;
49 extern LUID SeTcbPrivilege
;
50 extern LUID SeSecurityPrivilege
;
51 extern LUID SeTakeOwnershipPrivilege
;
52 extern LUID SeLoadDriverPrivilege
;
53 extern LUID SeCreatePagefilePrivilege
;
54 extern LUID SeIncreaseBasePriorityPrivilege
;
55 extern LUID SeSystemProfilePrivilege
;
56 extern LUID SeSystemtimePrivilege
;
57 extern LUID SeProfileSingleProcessPrivilege
;
58 extern LUID SeCreatePermanentPrivilege
;
59 extern LUID SeBackupPrivilege
;
60 extern LUID SeRestorePrivilege
;
61 extern LUID SeShutdownPrivilege
;
62 extern LUID SeDebugPrivilege
;
63 extern LUID SeAuditPrivilege
;
64 extern LUID SeSystemEnvironmentPrivilege
;
65 extern LUID SeChangeNotifyPrivilege
;
66 extern LUID SeRemoteShutdownPrivilege
;
67 extern LUID SeUndockPrivilege
;
68 extern LUID SeSyncAgentPrivilege
;
69 extern LUID SeEnableDelegationPrivilege
;
/*
 * Shared ACL pointers; the names suggest prebuilt default DACLs, but their
 * ACEs are defined elsewhere and are not visible in this header.
 * NOTE(review): "Open" and "Unrestricted" in a DACL name usually mean a
 * permissive ACL - check which objects are given these and that the grant
 * is intended.
 */
72 extern PACL SePublicDefaultUnrestrictedDacl
;
73 extern PACL SePublicOpenDacl
;
74 extern PACL SePublicOpenUnrestrictedDacl
;
75 extern PACL SeUnrestrictedDacl
;
/*
 * Shared security-descriptor pointers. Four of the names mirror the DACL
 * globals declared just above (PublicDefaultUnrestricted, PublicOpen,
 * PublicOpenUnrestricted, Unrestricted), so each descriptor presumably wraps
 * the matching DACL - confirm against the code that builds them.
 */
78 extern PSECURITY_DESCRIPTOR SePublicDefaultSd
;
79 extern PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd
;
80 extern PSECURITY_DESCRIPTOR SePublicOpenSd
;
81 extern PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd
;
82 extern PSECURITY_DESCRIPTOR SeSystemDefaultSd
;
83 extern PSECURITY_DESCRIPTOR SeUnrestrictedSd
;
/*
 * Function prototypes. The return type and calling-convention lines that
 * precede each name are not reproduced in this listing.
 */

/* Initialization entry points; both take no arguments. */
100 SepInitPrivileges(VOID
);
104 SepInitSecurityIDs(VOID
);
/* Takes the process whose primary token is to be deassigned (per the name). */
116 SeDeassignPrimaryToken(struct _EPROCESS
*Process
);
/*
 * FileObject is the input; AuditInfo receives a pointer to an
 * OBJECT_NAME_INFORMATION. Listing line 131 (between the two parameters)
 * and the closing of the prototype are not reproduced here.
 */
129 SeInitializeProcessAuditName(
130 IN PFILE_OBJECT FileObject
,
132 OUT POBJECT_NAME_INFORMATION
*AuditInfo
/*
 * AccessState is IN OUT, so the caller supplies the structure and this
 * routine updates it. Listing line 138 (before Process) and the end of
 * the parameter list are not reproduced here.
 */
137 SeCreateAccessStateEx(
139 IN PEPROCESS Process
,
140 IN OUT PACCESS_STATE AccessState
,
141 IN PAUX_ACCESS_DATA AuxData
,
142 IN ACCESS_MASK Access
,
143 IN PGENERIC_MAPPING GenericMapping
/* Parameter list not reproduced in this listing. */
155 SepCreateImpersonationTokenDacl(
/* Token subsystem setup; both take no arguments. */
163 SepInitializeTokenImplementation(VOID
);
167 SepCreateSystemProcessToken(VOID
);
/* Auditing helpers: one takes a token, the other two take a process. */
171 SeDetailedAuditingWithToken(IN PTOKEN Token
);
175 SeAuditProcessExit(IN PEPROCESS Process
);
179 SeAuditProcessCreate(IN PEPROCESS Process
);
/*
 * Takes a process, a new token and a PACCESS_TOKEN* (OldTokenP), which by
 * its name receives the token being replaced - confirm. The closing of the
 * prototype is not reproduced here.
 * NOTE(review): replacing a process's primary token changes its whole
 * security context, so callers are expected to have been authorized first;
 * that check is not visible in this header.
 */
183 SeExchangePrimaryToken(
184 struct _EPROCESS
* Process
,
185 PACCESS_TOKEN NewToken
,
186 PACCESS_TOKEN
* OldTokenP
/*
 * Fills SubjectContext (OUT) for the given process. Listing line 192
 * (before Process) is not reproduced here.
 */
191 SeCaptureSubjectContextEx(
193 IN PEPROCESS Process
,
194 OUT PSECURITY_SUBJECT_CONTEXT SubjectContext
/*
 * Capture/release pair for an array of LUID_AND_ATTRIBUTES.
 *
 * Src and PrivilegeCount describe the source array, PreviousMode is the
 * processor mode of the requester, and Dest receives a pointer to the
 * captured array. AllocatedMem/AllocatedLength look like an optional
 * caller-provided buffer - confirm. Listing line 205 and the end of the
 * parameter list are not reproduced here.
 *
 * NOTE(review): when checking the implementation, confirm that
 * PrivilegeCount is bounded before it is multiplied by the element size,
 * and that a user-mode Src is probed and copied exactly once so that all
 * later validation runs on the kernel copy rather than on memory the
 * caller can still change.
 */
199 SeCaptureLuidAndAttributesArray(
200 PLUID_AND_ATTRIBUTES Src
,
201 ULONG PrivilegeCount
,
202 KPROCESSOR_MODE PreviousMode
,
203 PLUID_AND_ATTRIBUTES AllocatedMem
,
204 ULONG AllocatedLength
,
206 BOOLEAN CaptureIfKernel
,
207 PLUID_AND_ATTRIBUTES
* Dest
,
/*
 * Counterpart to the capture routine above. PreviousMode and
 * CaptureIfKernel presumably have to match the values passed at capture
 * time so the same buffer is freed - confirm.
 */
213 SeReleaseLuidAndAttributesArray(
214 PLUID_AND_ATTRIBUTES Privilege
,
215 KPROCESSOR_MODE PreviousMode
,
216 BOOLEAN CaptureIfKernel
/*
 * Parameter list of a prototype whose name line is not reproduced in this
 * listing: a privilege array, its count, a control value and the
 * requester's processor mode.
 */
223 PLUID_AND_ATTRIBUTES Privileges
,
224 ULONG PrivilegeCount
,
225 ULONG PrivilegeControl
,
226 KPROCESSOR_MODE PreviousMode
/*
 * Parameter list of a second prototype whose name line is not reproduced.
 * It takes a token type and impersonation level and returns a token
 * through NewAccessToken, so it appears to create or duplicate a token -
 * confirm against the original header.
 */
233 POBJECT_ATTRIBUTES ObjectAttributes
,
234 BOOLEAN EffectiveOnly
,
235 TOKEN_TYPE TokenType
,
236 SECURITY_IMPERSONATION_LEVEL Level
,
237 KPROCESSOR_MODE PreviousMode
,
238 PTOKEN
* NewAccessToken
/*
 * Capture/release pair for a SECURITY_QUALITY_OF_SERVICE.
 *
 * ObjectAttributes is optional, AccessMode is the requester's processor
 * mode, PoolType selects the pool for the copy, and the result is returned
 * through CapturedSecurityQualityOfService. The end of the parameter list
 * is not reproduced here.
 * NOTE(review): the QoS presumably comes from ObjectAttributes, which may
 * point into user memory when AccessMode is user mode; confirm the
 * implementation probes and copies it before use.
 */
243 SepCaptureSecurityQualityOfService(
244 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
245 IN KPROCESSOR_MODE AccessMode
,
246 IN POOL_TYPE PoolType
,
247 IN BOOLEAN CaptureIfKernel
,
248 OUT PSECURITY_QUALITY_OF_SERVICE
*CapturedSecurityQualityOfService
,
/* Releases what the capture routine above returned; the pointer is optional. */
254 SepReleaseSecurityQualityOfService(
255 IN PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService OPTIONAL
,
256 IN KPROCESSOR_MODE AccessMode
,
257 IN BOOLEAN CaptureIfKernel
/*
 * Four parameter lists whose function-name lines (and leading input
 * parameters) are not reproduced in this listing. Judging by the OUT
 * parameters CapturedSid and CapturedAcl, they belong to a SID
 * capture/release pair followed by an ACL capture/release pair - confirm
 * against the original header.
 */

/* Capture of a SID: mode, pool type, kernel-capture flag, result pointer. */
264 IN KPROCESSOR_MODE AccessMode
,
265 IN POOL_TYPE PoolType
,
266 IN BOOLEAN CaptureIfKernel
,
267 OUT PSID
*CapturedSid
/* Matching release: mode and kernel-capture flag. */
274 IN KPROCESSOR_MODE AccessMode
,
275 IN BOOLEAN CaptureIfKernel
/* Capture of an ACL: same shape as the SID capture above. */
282 IN KPROCESSOR_MODE AccessMode
,
283 IN POOL_TYPE PoolType
,
284 IN BOOLEAN CaptureIfKernel
,
285 OUT PACL
*CapturedAcl
/* Matching release: mode and kernel-capture flag. */
292 IN KPROCESSOR_MODE AccessMode
,
293 IN BOOLEAN CaptureIfKernel
/*
 * Takes an operation code, the security information selected, a new
 * descriptor and a pointer to the old descriptor, plus a generic mapping.
 * Listing lines 299, 303 and 305 and the end of the parameter list are not
 * reproduced here.
 */
298 SeDefaultObjectMethod(
300 SECURITY_OPERATION_CODE OperationType
,
301 PSECURITY_INFORMATION SecurityInformation
,
302 PSECURITY_DESCRIPTOR NewSecurityDescriptor
,
304 PSECURITY_DESCRIPTOR
*OldSecurityDescriptor
,
306 PGENERIC_MAPPING GenericMapping
/* Remaining parameters are not reproduced in this listing. */
311 SeSetWorldSecurityDescriptor(
312 SECURITY_INFORMATION SecurityInformation
,
313 PISECURITY_DESCRIPTOR SecurityDescriptor
,
/*
 * Parameter list of a prototype whose name line is not reproduced: it takes
 * a token, an impersonation level and the requester's mode, and returns a
 * token through NewToken.
 */
320 IN PACCESS_TOKEN Token
,
321 IN SECURITY_IMPERSONATION_LEVEL Level
,
322 IN KPROCESSOR_MODE PreviousMode
,
323 OUT PACCESS_TOKEN
* NewToken
/*
 * Token lock helpers.
 *
 * The two acquire macros call KeEnterCriticalRegion() and then take the
 * token's TokenLock resource, exclusive or shared, with TRUE as the second
 * argument (the wait flag in the executive-resource API). The release macro
 * undoes this in reverse order: ExReleaseResource() first, then
 * KeLeaveCriticalRegion(). Entering the critical region first keeps normal
 * kernel APCs from being delivered to the thread while it holds the lock.
 *
 * Every acquire must be paired with SepReleaseTokenLock on every exit path,
 * error paths included; otherwise the lock stays held and the thread stays
 * inside the critical region.
 *
 * NOTE(review): listing lines 327, 330-331, 333, 336-337, 339 and 342 are
 * not reproduced here, and each visible macro line ends in a continuation
 * backslash, so the bodies are incomplete as shown. They presumably carry a
 * do { ... } while (0) or brace wrapper - confirm against the original
 * header before reusing these.
 *
 * NOTE(review): the macro argument is not parenthesized inside the cast,
 * ((PTOKEN)Token). If a caller passes an expression rather than a plain
 * name, the cast binds only to its first operand; ((PTOKEN)(Token)) would
 * avoid that.
 */
326 #define SepAcquireTokenLockExclusive(Token) \
328 KeEnterCriticalRegion(); \
329 ExAcquireResourceExclusive(((PTOKEN)Token)->TokenLock, TRUE); \
332 #define SepAcquireTokenLockShared(Token) \
334 KeEnterCriticalRegion(); \
335 ExAcquireResourceShared(((PTOKEN)Token)->TokenLock, TRUE); \
338 #define SepReleaseTokenLock(Token) \
340 ExReleaseResource(((PTOKEN)Token)->TokenLock); \
341 KeLeaveCriticalRegion(); \
/*
 * Both routines take the SECURITY_INFORMATION being requested and write an
 * access mask to DesiredAccess. By their names they return the access
 * rights a caller needs in order to query, respectively set, that security
 * information - confirm against the implementation.
 */
345 SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
346 OUT PACCESS_MASK DesiredAccess
);
349 SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
350 OUT PACCESS_MASK DesiredAccess
);